On Mon, 30 Jan 2017 16:43:23 +0100
Thus spake Alexander Bluhm :
> On Sun, Jan 29, 2017 at 07:51:38AM -0700, Kyle Amon wrote:
> > Ahem. I still think it would be great if this could get applied
> > before yet another release goes by. ;)
>
> Commited, Thanks!
>
> bluhm
Great! And, FWIW, I've
-0700
> From: Kyle Amon
> To: ports@openbsd.org
> Subject: ECC support for sendmail
>
>
> Hi,
>
> Please consider adding the following to the OpenBSD sendmail port in
> order to add ECC support to STARTTLS (-D_FFR_TLS_EC), and hopefully to
> add a little more granu
On Mon, Jan 30, 2017 at 12:45:43PM +0100, Jeremie Courreges-Anglas wrote:
> I just want to stress that "FFR" means "For Future Releases".
> Generally I don't think we should enable experimental features just
> because we can, and I can't see why EC would be different here.
Unfortunately sendmail r
Claus Assmann writes:
> On Mon, Jan 30, 2017, Jeremie Courreges-Anglas wrote:
>
>> I just want to stress that "FFR" means "For Future Releases".
>> Generally I don't think we should enable experimental features just
>> because we can, and I can't see why EC would be different here.
>
> It is a "n
On Mon, Jan 30, 2017, Jeremie Courreges-Anglas wrote:
> I just want to stress that "FFR" means "For Future Releases".
> Generally I don't think we should enable experimental features just
> because we can, and I can't see why EC would be different here.
It is a "non-FFR" compile time option in th
Alexander Bluhm writes:
> On Sun, Jan 29, 2017 at 07:51:38AM -0700, Kyle Amon wrote:
>> Ahem. I still think it would be great if this could get applied
>> before yet another release goes by. ;)
>
> I have tested it. The server cypher list changes from
>* SSLv23TLSv1_2 DHE-RSA-AES256-G
On Sun, Jan 29, 2017 at 07:51:38AM -0700, Kyle Amon wrote:
> Ahem. I still think it would be great if this could get applied
> before yet another release goes by. ;)
I have tested it. The server cypher list changes from
* SSLv23TLSv1_2 DHE-RSA-AES256-GCM-SHA384
* TLSv1_2 TLSv1_2
Ahem. I still think it would be great if this could get applied
before yet another release goes by. ;)
--Kyle
Begin forwarded message:
Date: Mon, 28 Mar 2016 07:34:21 -0700
From: Kyle Amon
To: ports@openbsd.org
Subject: ECC support for sendmail
Hi,
Please consider adding the following to
Hi,
Please consider adding the following to the OpenBSD sendmail port in
order to add ECC support to STARTTLS (-D_FFR_TLS_EC), and hopefully to
add a little more granular control of TLS (-D_FFR_TLS_SE_OPTS) as well
(but at least the former seems a quite reasonable default in CE 2016).
--- sendmai