On Thu, Jul 22, 2021 at 08:45:36AM -0400, Viktor Dukhovni <[email protected]> wrote:
> > On 22 Jul 2021, at 7:57 am, raf <[email protected]> wrote: > > > > The FORWARD_SECRECY_README suggests regenerating the > > Postfix SMTP server EDH parameters periodically. > > Would doing so necessitate a postfix reload? > > No. The new parameters get picked up by new smtpd(8) > processes as old ones exit after handling $max_use > connections or being idle at least $max_idle. Thanks for that. Am I right in thinking that the same doesn't apply when letsencrypt certificates are renewed? I read somewhere that people needed to automate the restarting of postfix and dovecot when that happens. > That said, the built-in default 2048-bit group should > be quite strong. If some state actor can crack that, > they should also be able to break 2048-bit RSA, which > is the key size of the WebPKI CAs and root DNSSEC keys. > > So if you don't rotate the parameters, you're still fine. > Just generating your own group once is quite sufficient > unless you believe you have nation-state value secrets > to protect. I was more concerned that the documentation doesn't state clearly whether or not a reload is needed. Perhaps the absence of such a statement is to be interpreted to mean that it doesn't, but that would just be a guess, and TLS_README doesn't mention needing to reload when the certificate/key files are updated, but it seems that that is needed. > In practice security is compromised by going around the > crypto, rather than cracking the algorithms. Focus on > the basics, keeping your endpoints up to date, monitoring, > ... Security is about operational discipline, the > cryptography gets all the press, but is almost never the > weak link. Very true, but the care and feeding of crypto matters too, otherwise https://ssl-config.mozilla.org and https://www.ssllabs.com wouldn't exist. And my government's tax department wouldn't insist on payroll service providers and the like not using anything older than TLSv1.2 for their websites and APIs. But perhaps that's just part of keeping your endpoints up to date. Having said that, regenerating DH params does seem like overkill, and just gives the monitoring more to whinge about. :-) > -- > Viktor. cheers, raf
