On 18.10.2013 14:22, Adi Kriegisch wrote:
>>> PS: I need that feature to enable PFS while allowing Outlook to still
>>> connect and the others not to fall back to a different cipher; I was
>>> unable to find a PFS cipher that is supported by Outlook and OpenSSL
>>
>> ssl_cipher_list =
>> EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!SSLv2:@STRENGTH
>> ssl_prefer_server_ciphers = yes
>>
>> Outlook, at least on WinXP any version, continues to use RC4 ciphers
>> but any sane mail client is using PFS ciphers
> Thanks for sharing; I opted for disabling RC4 completely and came up with
> the following (formatted for readability)
>
> HIGH:EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:
> EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:EDH+aRSA:ECDHE-RSA-AES256-SHA:
> +DHE-RSA-AES256-SHA:!AES256-SHA256:!AES256-GCM-SHA384:!CAMELLIA256-SHA:
> !AES128:!CAMELLIA128:
> !aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!SSLv2:!RC4:!SEED:
> +AES256-SHA
>
> which disables every cipher with less than 256 bit and leaves AES256-SHA as
> a last resort for Outlook...
this does *not work* with Outlook 2003-2010 on Windows XP

it is also not a good idea to disable 128 bit completely; the idea behind
ECDHE is that 128 bit is as secure as non-EC with 256 bit

> and is except for that pretty similar to your cipher string

and likely results in not using PFS for several clients

my string is from https://www.ssllabs.com/ articles and *verified* to
provide PFS for any client except WinXP; a slightly different one in the
case of HTTP resulted in only very few clients using PFS, so most likely
your changes result in a lot of clients falling back to AES-256 without PFS
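As an added check that is not part of the thread (example code written for this page, not Adi's or Harald's), the following Python script expands both cipher strings with the OpenSSL that the interpreter is linked against, via the stdlib ssl module, and lists the suites that lack an ephemeral key exchange. Only the two cipher strings are taken from the messages above; the function names and the kea-based PFS test are assumptions of this example. Results depend on the OpenSSL build: TLS 1.3 suites are not governed by this string and are always ephemeral, so they are filtered out, and OpenSSL 3.x does not list RC4 suites at all unless the legacy provider is loaded, so the RC4 "last resort" of the first string simply disappears there.

```python
"""Expand an OpenSSL cipher string (as Dovecot's ssl_cipher_list is) and
report which suites do not provide forward secrecy.

Added example for this thread, not code posted by its participants.
Uses only the Python stdlib, so results reflect the interpreter's OpenSSL."""
import ssl

# Cipher strings copied verbatim from the two messages above
# (the second one re-joined onto a single string).
HARALD_LIST = (
    "EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:"
    "EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:RC4:"
    "!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!SSLv2:@STRENGTH"
)
ADI_LIST = (
    "HIGH:EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:"
    "EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:EDH+aRSA:ECDHE-RSA-AES256-SHA:"
    "+DHE-RSA-AES256-SHA:!AES256-SHA256:!AES256-GCM-SHA384:!CAMELLIA256-SHA:"
    "!AES128:!CAMELLIA128:"
    "!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!SSLv2:!RC4:!SEED:"
    "+AES256-SHA"
)


def expand(cipher_string):
    """Return the ordered list of cipher dicts OpenSSL derives from the string.

    TLS 1.3 suites are dropped: they are configured separately in OpenSSL
    and always use an ephemeral (EC)DHE exchange, so they never weaken PFS."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.set_ciphers(cipher_string)      # raises ssl.SSLError if nothing matches
    return [c for c in ctx.get_ciphers() if c["protocol"] != "TLSv1.3"]


def has_pfs(cipher):
    """True when the key exchange is ephemeral (kx-ecdhe, kx-dhe, or their PSK
    variants). Falls back to the textual description for old Python/OpenSSL
    builds that report no 'kea' field."""
    kea = cipher.get("kea") or ""
    if kea:
        return "dhe" in kea
    desc = cipher["description"]
    return "Kx=ECDH" in desc or "Kx=DH" in desc


def audit(cipher_string):
    """Split the expanded list into (pfs, non_pfs) suite-name lists, keeping
    OpenSSL's order so that '+'-demoted last-resort suites appear at the end."""
    pfs, non_pfs = [], []
    for c in expand(cipher_string):
        (pfs if has_pfs(c) else non_pfs).append(c["name"])
    return pfs, non_pfs


def report(label, cipher_string):
    pfs, non_pfs = audit(cipher_string)
    print(f"{label}: {len(pfs)} PFS suites, {len(non_pfs)} without PFS")
    for name in non_pfs:
        print("   no PFS:", name)
    return pfs, non_pfs


if __name__ == "__main__":
    report("ssllabs-derived list", HARALD_LIST)
    report("HIGH-based list", ADI_LIST)
```

The script shows what a client fallback can reach: in the first string every non-ephemeral suite left after the exclusions is an RC4 one, whereas in the second string the leading HIGH keyword admits other static-RSA suites as well (on OpenSSL 1.1.1/3.x, for example AES256-CCM), which the explicit `!` exclusions do not catch, so more than AES256-SHA remains available without PFS. Run it against the OpenSSL version of the server in question rather than a developer box, since the expansion of HIGH differs between releases.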