On Thu, Sep 19, 2024 at 05:04:03PM +0200, Geert Hendrickx via Postfix-users wrote:

> On Fri, Sep 20, 2024 at 00:40:35 +1000, Viktor Dukhovni via Postfix-users wrote:
>  
> > So you should be able to apply the top-most commit at:
> > 
> >     https://github.com/vdukhovni/postfix/commits/provider-kex/
> > 
> > to a Postfix 3.10-20240917 (or earlier, modulo the expected conflict in
> > the HISTORY file) snapshot, and have the group name also on the client
> > side.  
> 
> Bingo:
> 
> $ posttls-finger -o tls_eecdh_auto_curves=x25519_kyber768 gmail.com | grep established
> posttls-finger: Untrusted TLS connection established to gmail-smtp-in.l.google.com[2a00:1450:4025:401::1b]:25: TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange x25519_kyber768 server-signature ECDSA (prime256v1) server-digest SHA256
> 
> 
> (I tried several combinations, with and without HRR, all OK)

With TLS 1.3 it is rather difficult to elicit resumption without a fresh
key-exchange (psk_ke rather than psk_dhe_ke), so you probably have not
tried that, and though I'm curious what that would report, it isn't
worth the effort to patch server and client to optionally support only
psk_ke.

The TLS 1.3 design basically makes psk_ke unusable except in specialised
deployments that don't support psk_dhe_ke.

Let's let the code bake in, and if nothing further needs to change, I'll
drop Wietse a fresh pointer to the git branch.

-- 
    Viktor.
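
Added example, not part of the original message and not Postfix code: a small parser for the "TLS connection established" summary line quoted above, used to tally negotiated key-exchange groups and list peers that did not use a hybrid group. The `PQ_GROUPS` set, the function names, and every sample line except the first are assumptions constructed for illustration.

```python
import re
from collections import Counter

# Groups treated as post-quantum hybrids. Only x25519_kyber768 appears in the
# thread; extend the set to match your own OpenSSL build (assumption).
PQ_GROUPS = {"x25519_kyber768"}

# Fields after the cipher are optional so that lines lacking them still parse.
SUMMARY_RE = re.compile(
    r"(?P<trust>\w+) TLS connection established to "
    r"(?P<peer>[^\s\[]+)\[(?P<addr>[^\]]+)\]:(?P<port>\d+): "
    r"(?P<proto>\S+) with cipher (?P<cipher>\S+) \((?P<bits>\d+)/\d+ bits\)"
    r"(?: key-exchange (?P<kex>\S+))?"
    r"(?: server-signature (?P<sig>\S+)(?: \((?P<sigparam>[^)]+)\))?)?"
    r"(?: server-digest (?P<digest>\S+))?"
)

SAMPLE = [
    # From the thread (posttls-finger output, re-joined onto one line).
    "posttls-finger: Untrusted TLS connection established to "
    "gmail-smtp-in.l.google.com[2a00:1450:4025:401::1b]:25: TLSv1.3 with cipher "
    "TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange x25519_kyber768 "
    "server-signature ECDSA (prime256v1) server-digest SHA256",
    # Constructed: classical key exchange.
    "postfix/smtp[1234]: Trusted TLS connection established to "
    "mx.example.org[192.0.2.10]:25: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 "
    "(256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) "
    "server-digest SHA256",
    # Constructed: summary with protocol and cipher only, no key-exchange field.
    "postfix/smtp[2345]: Trusted TLS connection established to "
    "legacy.example.net[198.51.100.7]:25: TLSv1.2 with cipher "
    "ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)",
]

def parse_summary(line):
    """Return the summary fields as a dict, or None if the line is not one."""
    m = SUMMARY_RE.search(line)
    return m.groupdict() if m else None

def audit(lines, pq_groups=PQ_GROUPS):
    """Count key-exchange groups; list peers whose group is not in pq_groups."""
    wanted = {g.lower() for g in pq_groups}
    groups, classical = Counter(), []
    for rec in filter(None, map(parse_summary, lines)):
        groups[rec["kex"] or "(not logged)"] += 1
        if (rec["kex"] or "").lower() not in wanted:
            classical.append(rec["peer"])
    return groups, classical
```
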