Hi.
if I copy an existing cipher in OpenSSL and rename it, it will act as if
it is a new cipher.
Would I need to build postfix against this new OpenSSL to be able to use
the new cipher? I think it's not required but I have a doubt.
How does the TLS negociation work ? I guess it is done by Postfix which
asks OpenSSL what ciphers are supported and depending of the
negociation, Postfix stores the cipher's OID selected.
Therefore Postfix wouldn't care of the existing ciphers and would just
select the strongest one among the ciphers presented by OpenSSL.
All this for my first question, would it be required to rebuild postfix
if a new cipher makes its way in OpenSSL to be able to use it?
Thanks,
Gregory.
- new cipher in OpenSSL, need to rebuild Postfix? Gregory BELLIER
-
