On Tue, Dec 24, 2013 at 01:29:38AM +1100, nanotek wrote:

> Still, might be a good time to create my own CA and upgrade to 4096 bit
> keys/certificates

You can deploy a 4096-bit RSA key if it makes you feel more cool, but there is little point in going beyond 2048-bit RSA at this time. The further you stray away from current practice into the land of "extreme" cryptography, the more likely you are to run into interoperability problems, without any real security gains.

> using SHA512 algorithms

TLSv1 and TLSv1.2 do not support negotiation of digest algorithms. Deploying digests beyond SHA1 will cause interoperability problems with systems that don't yet support the SHA2 family.

> and make use of some
> Diffie-Hellman ephemeral elliptic curve parameters for perfect forward
> secrecy.

This is enabled in Postfix >= 2.8 by default. If you are stuck with 2.6 or 2.7, see the new forward secrecy document.

We obviously don't know which is stronger against hypothetical unpublished attacks, EDH at 2048-bits or the P-256 curve. Feel free to roll the dice. Against publicly known attacks P-256 is both more secure and more computationally efficient than 2048-bit EDH.

> I've read http://www.postfix.org/TLS_README.html -- Postfix
> documentation is exceptional by the way

Thanks for the praise.

--
Viktor.