On Thu, Sep 12, 2013 at 04:44:31PM +0100, Keith wrote: > With a CA on each freedombox there need not be a requirement for a > server. > > If my understanding of Tor is right, it is designed for anonymity, not > encryption, should not need a CA for this.
Can you get PFS with snakeoil (I presume these are generated during the installation, is there at all enough entropy at that time so this is safe?) certs? Postfix and dovecot in newer versions can do PFS: http://www.heinlein-support.de/blog/security/perfect-forward-secrecy-pfs-fur-postfix-und-dovecot/
signature.asc
Description: Digital signature
_______________________________________________ Freedombox-discuss mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
