On Tue, May 14, 2013 at 09:42:08PM -0500, Salz, Rich wrote:
> Viktor gave some excellent advice. I'd tweak it by removing
> 'export' as something to support. And perhaps use weak, good,
> strong -- whatever, keep the number of choices very small. I'd
> suggest to not use "default" since folks will get upset if it
> changes. They are more accepting if the definition of 'strong
> cipher' changes with time. It's curious, but it's the way humans
> seem to work.

The reason Postfix supports "export" is because it supports an
opportunistic TLS mode, where we fall back to plain-text if the
remote server does not offer TLS, or the handshake fails.

So the "export" grade is the default for opportunistic connections,
since even "export" is somewhat better than plain-text.

With mandatory TLS destinations the default cipher grade is "medium".

The actual design has to match the constraints and requirements of
the particular application as well as usability considerations.

> The openssl cipher spec is pretty darn subtle and it is far too
> easy to get wrong.

Excellent one sentence summary.

--
Viktor.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [email protected]
Automated List Manager [email protected]