Thanks Joseph, Aki, but something missing from upgrade document, where
does the dh param file go? I located ssl-parameters.dat so I will put
it there.
Quoting Joseph Tam <jtam.h...@gmail.com>:
On Fri, 22 Jun 2018, Joseph Tam wrote:
However, recent advances make this condition obsolete [*] and not
really safer, so a much faster way to generate a DH key is
openssl dhparam -dsaparam -out dh.pem 4096
DH generation is a one time operation, so if you're paranoid and you've
got time to burn, go ahead and generate the "safe" DH key.
[*] https://security.stackexchange.com/questions/42415/openvpn-dhparam)
Oh, I might have to backtrack on this claim
https://www.openssl.org/news/secadv/20160128.txt
although it's beyond my understanding whether it's applicable to Dovecot.
Joseph Tam <jtam.h...@gmail.com>
-------------------------------------------------
ONLY AT VFEmail! - Use our Metadata Mitigator to keep your email out of the
NSA's hands!
$24.95 ONETIME Lifetime accounts with Privacy Features!
15GB disk! No bandwidth quotas!
Commercial and Bulk Mail Options!
