It appears that Ken O'Driscoll via mailop <k...@kenodriscoll.com> said: >-=-=-=-=-=- >-=-=-=-=-=- > >I think you have to consider Postel's Law here. If your cipher choices are >causing problems for your clients, then... maybe relax them a bit? > >Transport encryption is not for confidentiality anyway.
Agreed. My MTA uses "NORMAL:-VERS-SSL3.0" R's, John >> Ciphers: >ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305 >> >> Cipher >> suites: >> TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256 >> >> And we only accept TLS at v1.2 and higher. _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
