On Wed, Aug 14, 2013 at 11:13:52PM +0200, Ralf Hildebrandt wrote:

> * lst_ho...@kwsoft.de <lst_ho...@kwsoft.de>:
> 
> > >* Do I need tls_preempt_cipherlist = yes, and thus Postfix 2.8.0 or not?
> > 
> > This lets the *server* (Postfix) choose a cipher suggested by the
> > client, so it depends. If the client has no DH ciphers it doesn't
> > help; if the client lists DH ciphers later in the list, Postfix can
> > choose the DH ciphers that way. If the client has DH ciphers first
> > in the list, it is not necessary.
> 
> Well, we can't force them. Is an EDH cipher usually considered
> "stronger" than a non-EDH cipher and thus automatically preferred?

OpenSSL 1.0.0 or later by default prefers EECDH and EDH ciphers to
non-EDH ciphers for any given key length.  The cipher preference
in older OpenSSL releases (typically 0.9.8) is less deliberate.

Not all clients are OpenSSL based; Exim, for example, often uses GnuTLS.

If your server is using OpenSSL 1.0.0 or later, just set:

    tls_preempt_cipherlist = yes

to choose the strongest cipher-suite proposed by the client, but
be aware that some clients may propose low priority cipher-suites
that they don't correctly implement.

-- 
        Viktor.
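As an added example (not part of the thread, and not Postfix or OpenSSL code), here is a small Python model of the selection rule discussed above: with `tls_preempt_cipherlist = no` the client's order decides which shared cipher-suite is used, with `yes` the server's order decides. The cipher-suite names are real OpenSSL names, but the server preference list and the three client offers are constructed to match the three cases the quoted reply describes (no DH suites, DH suites listed last, DH suites listed first). The `is_forward_secret` prefix check is a simplification that only recognises the classic DHE/ECDHE naming.

```python
"""Model of server-side vs client-side cipher-suite preference.

Added example for the tls_preempt_cipherlist discussion; not taken from
Postfix or OpenSSL. Lists below are constructed for illustration.
"""

# Server list ordered strongest-first, with EECDH/EDH ahead of plain RSA
# key exchange for a given key length, as OpenSSL 1.0.0+ does by default.
SERVER_PREFERENCE = [
    "ECDHE-RSA-AES256-GCM-SHA384",
    "DHE-RSA-AES256-GCM-SHA384",
    "ECDHE-RSA-AES128-SHA",
    "DHE-RSA-AES128-SHA",
    "AES256-SHA",
    "AES128-SHA",
]

# Constructed client offers for the three cases in the thread.
CLIENT_NO_DH = ["AES256-SHA", "AES128-SHA"]
CLIENT_DH_LAST = ["AES128-SHA", "AES256-SHA", "DHE-RSA-AES128-SHA"]
CLIENT_DH_FIRST = ["ECDHE-RSA-AES256-GCM-SHA384", "AES256-SHA"]


def negotiate(server_prefs, client_offer, preempt):
    """Return the negotiated cipher-suite, or None if nothing is shared.

    preempt=False (tls_preempt_cipherlist = no): the first suite in the
    client's order that the server supports wins.
    preempt=True  (tls_preempt_cipherlist = yes): the first suite in the
    server's order that the client offered wins.
    """
    if preempt:
        chooser, pool = server_prefs, set(client_offer)
    else:
        chooser, pool = client_offer, set(server_prefs)
    for suite in chooser:
        if suite in pool:
            return suite
    return None


def is_forward_secret(suite):
    """True for EDH/EECDH suites (simplified: DHE-/ECDHE- name prefix)."""
    return suite is not None and suite.startswith(("DHE-", "ECDHE-"))


def compare(client_offer):
    """Outcome for both settings: {preempt: (suite, forward_secret)}."""
    result = {}
    for preempt in (False, True):
        suite = negotiate(SERVER_PREFERENCE, client_offer, preempt)
        result[preempt] = (suite, is_forward_secret(suite))
    return result


if __name__ == "__main__":
    cases = [("client without DH suites", CLIENT_NO_DH),
             ("client with DH suites listed last", CLIENT_DH_LAST),
             ("client with DH suites listed first", CLIENT_DH_FIRST)]
    for label, offer in cases:
        outcome = compare(offer)
        print(f"{label}:")
        print(f"  preempt=no  -> {outcome[False]}")
        print(f"  preempt=yes -> {outcome[True]}")
```

Running it shows the three cases from the thread: when the client offers no DH suites the setting changes nothing, when the client lists a DHE suite behind plain RSA suites only `preempt=True` yields a forward-secret suite, and when the client already leads with an ECDHE suite both settings agree.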
