Dear mail operators,

Testing the mail setup, I was surprised to have the key exchange parameters flagged [1]:

a1241.mx.srv.dfn.de.    DH-2048         insufficient

Explanation:

DHE: The security of Diffie-Hellman Ephemeral (DHE) key exchange
depends on the lengths of the public and secret keys used within the
chosen finite field group. We test if your DHE public key material
uses one of the predefined finite field groups that are specified in
RFC 7919. Self-generated groups are 'Insufficient'.

See 'IT Security Guidelines for Transport Layer Security (TLS) v2.1'
from NCSC-NL [2], guideline B5-1 and table 9 for ECDHE, and guideline
B6-1 and table 10 for DHE (in English).

Mozilla’s SSL Configuration Generator also suggests for *Intermediate* and *Old* [3]:

    # curl https://ssl-config.mozilla.org/ffdhe2048.txt > /path/to/dhparam
    # not actually 1024 bits, this applies to all DHE >= 1024 bits
    smtpd_tls_dh1024_param_file = /path/to/dhparam

I read the explanation [4], but I am ignorant about the cryptographic details.

Have most of you moved to ECDHE? If not, are you using the predefined finite field groups specified in RFC 7919 [5]?


Kind regards,

Paul


[1]: https://www.internet.nl/mail/molgen.mpg.de/968847/#control-panel-15
[2]: https://english.ncsc.nl/publications/publications/2021/january/19/it-security-guidelines-for-transport-layer-security-2.1
[3]: https://ssl-config.mozilla.org/#server=postfix&version=3.6.0&config=intermediate&openssl=1.1.1s&guideline=5.7
[4]: https://crypto.stackexchange.com/questions/81992/should-i-use-self-generated-or-predefined-rfc-7919-dh-groups
[5]: https://www.rfc-editor.org/rfc/rfc7919
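The distinction the scanner draws is between a modulus taken from one of the RFC 7919 finite field groups and a modulus that `openssl dhparam` generated locally, so the practical question for a Postfix operator is simply "which prime is in the file named by `smtpd_tls_dh1024_param_file`?". The following script is an added example, not code from the post, from internet.nl, or from Postfix. It assumes the file is a PEM `DH PARAMETERS` block in PKCS#3 form (SEQUENCE of INTEGER p, INTEGER g, optionally a private-value length), which is what both `openssl dhparam` and Mozilla's `ffdhe2048.txt` produce; the X9.42 form is not handled. The ffdhe2048 prime is derived from the formula in RFC 7919 Appendix A.1 rather than pasted in as a hex blob, so the constant can be audited against the RFC, and the two sample PEM inputs at the bottom are constructed in the script itself.

```python
"""Added example (not from the mailop post): report whether a Postfix DH
parameter file holds the RFC 7919 ffdhe2048 group or a self-generated group.
Assumes a PEM "DH PARAMETERS" block in PKCS#3 form, i.e. what `openssl dhparam`
and Mozilla's ffdhe2048.txt produce.  The prime comes from the RFC 7919 formula."""
import base64
import re
import sys

def floor_pow2_times_e(k: int, guard_bits: int = 64) -> int:
    """floor(2**k * e), computed exactly from the series e = sum(1/n!).
    Every term is truncated, so extra guard bits absorb the accumulated loss."""
    scale = 1 << (k + guard_bits)
    total, n, factorial = 0, 0, 1
    while True:
        term = scale // factorial
        if term == 0:          # remaining terms are all below one scaled unit
            break
        total += term
        n += 1
        factorial *= n
    return total >> guard_bits

# RFC 7919, Appendix A.1: p = 2^2048 - 2^1984 + {[2^1918 * e] + 560316} * 2^64 - 1, g = 2
FFDHE2048_P = (1 << 2048) - (1 << 1984) + ((floor_pow2_times_e(1918) + 560316) << 64) - 1
FFDHE2048_G = 2
KNOWN_GROUPS = {FFDHE2048_P: "ffdhe2048"}   # the larger ffdhe groups follow the same pattern

def identify_group(p: int, g: int):
    """Name of the RFC 7919 group with modulus p and generator g, or None."""
    name = KNOWN_GROUPS.get(p)
    return name if name and g == FFDHE2048_G else None

# --- minimal DER/PEM handling for PKCS#3 DHParameter ---------------------------
def der_length(n: int) -> bytes:
    if n < 0x80:
        return bytes([n])
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(raw)]) + raw          # long form: octet count, then octets

def der_integer(value: int) -> bytes:
    # +8 bits leaves room for the leading 0x00 that keeps a positive INTEGER positive
    raw = value.to_bytes((value.bit_length() + 8) // 8, "big")
    return b"\x02" + der_length(len(raw)) + raw

def der_encode_dh_params(p: int, g: int) -> bytes:
    body = der_integer(p) + der_integer(g)
    return b"\x30" + der_length(len(body)) + body  # SEQUENCE { p, g }

def pem_from_der(der: bytes, label: str = "DH PARAMETERS") -> str:
    b64 = base64.b64encode(der).decode()
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return f"-----BEGIN {label}-----\n" + "\n".join(lines) + f"\n-----END {label}-----\n"

def _read_tlv(buf: bytes, pos: int):
    """Decode one DER tag/length/value at pos; return (tag, value, next_pos)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                                   # long-form length
        count = length & 0x7F
        length = int.from_bytes(buf[pos:pos + count], "big")
        pos += count
    return tag, buf[pos:pos + length], pos + length

def parse_dh_params_pem(text: str):
    """Return (p, g) from a PEM 'DH PARAMETERS' block."""
    m = re.search(r"-----BEGIN DH PARAMETERS-----(.*?)-----END DH PARAMETERS-----", text, re.S)
    if not m:
        raise ValueError("no PKCS#3 'DH PARAMETERS' block found (X9.42 form not handled)")
    der = base64.b64decode("".join(m.group(1).split()))
    tag, body, _ = _read_tlv(der, 0)
    if tag != 0x30:
        raise ValueError("expected a SEQUENCE")
    tag_p, p_bytes, pos = _read_tlv(body, 0)
    tag_g, g_bytes, _ = _read_tlv(body, pos)
    if tag_p != 0x02 or tag_g != 0x02:
        raise ValueError("expected INTEGER p followed by INTEGER g")
    return int.from_bytes(p_bytes, "big"), int.from_bytes(g_bytes, "big")

def describe_dh_params_pem(text: str) -> str:
    p, g = parse_dh_params_pem(text)
    name = identify_group(p, g)
    if name:
        return f"{name}: predefined {p.bit_length()}-bit RFC 7919 group"
    return f"self-generated {p.bit_length()}-bit group: not an RFC 7919 group, expect an 'insufficient' verdict"

# Constructed sample inputs (not real files): the RFC 7919 group, and a made-up
# modulus (one bit flipped, not even prime) to exercise the "self-generated" path.
SAMPLE_FFDHE2048_PEM = pem_from_der(der_encode_dh_params(FFDHE2048_P, FFDHE2048_G))
SAMPLE_SELFGEN_PEM = pem_from_der(der_encode_dh_params(FFDHE2048_P ^ (1 << 1000), 2))

if __name__ == "__main__":
    if len(sys.argv) > 1:                      # e.g. the file named in smtpd_tls_dh1024_param_file
        with open(sys.argv[1], encoding="ascii") as fh:
            print(describe_dh_params_pem(fh.read()))
    else:
        print("sample ffdhe2048:", describe_dh_params_pem(SAMPLE_FFDHE2048_PEM))
        print("sample self-gen :", describe_dh_params_pem(SAMPLE_SELFGEN_PEM))
```

Run it with the path configured in `smtpd_tls_dh1024_param_file`; a file fetched from the Mozilla URL in [3] reports `ffdhe2048`, while one produced by `openssl dhparam` reports a self-generated group because that command generates a fresh random prime every time. Adding the larger RFC 7919 groups means adding their formula constants to `KNOWN_GROUPS`; the generator is 2 for all of them.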
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop