On Fri, Sep 20, 2024 at 00:40:35 +1000, Viktor Dukhovni via Postfix-users wrote:
> So you should be able to apply the top-most commit at:
>
> https://github.com/vdukhovni/postfix/commits/provider-kex/
>
> to a Postfix 3.10-20240917 (or earlier, modulo the expected conflict in
> the HISTORY file) snapshot, and have the group name also on the client
> side.
Bingo:
$ posttls-finger -o tls_eecdh_auto_curves=x25519_kyber768 gmail.com | grep
established
posttls-finger: Untrusted TLS connection established to
gmail-smtp-in.l.google.com[2a00:1450:4025:401::1b]:25: TLSv1.3 with cipher
TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange x25519_kyber768
server-signature ECDSA (prime256v1) server-digest SHA256
(I tried several combinations, with and without HRR, all OK)
Thanks a lot Viktor.
Geert
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
