On Sat, Apr 09, 2016 at 12:59:16PM -0700, jaso...@mail-central.com wrote:

> > % bash
> > $ diff -u \
> >     <(openssl ciphers -v ALL:@STRENGTH) \
> >     <(openssl ciphers -v aNULL:-aNULL:ALL:@STRENGTH)
> ...
> I thought 'NULL' were "a bad thing", and that we shouldn't be using them at
> all.
Not at all. When not authenticating the peer, there's no point in asking
for their certificates. Should bus drivers ask you to wave your closed
passport in the air, just to make sure you have one, without looking at
its content or which country issued it, when you board a bus? Is it bad
that you can board a bus without having a passport?

> What I want to get to is to make sure that the "bad" ciphers are NOT
> enabled/used.

The anonymous ciphers are not "bad", with smtp_tls_security_level = may
all ciphers are effectively anonymous. Your bus ride is no safer when
some or all of the passengers bring their passports on board and wave
them in the air as they board the bus.

> Since I didn't think we should be using NULL-anything, I expected to see
> 'medium' NOT using them at all.

TLS combines multiple cryptographic primitives:

  * Bulk data encryption (medium excludes algorithms weaker than 3-DES
    and 128-bit RC4)
  * Data integrity (SHA1, SHA2, ... MACs or AEAD)
  * Key Exchange (RSA key transport, DHE, ECDHE, ...)
  * Authentication (Web PKI certificates, PSK, ...)

The aNULL ciphers leave out authentication, and make sense for
opportunistic TLS when you're otherwise willing to send cleartext.

http://www.postfix.org/TLS_README.html#client_tls_levels
http://www.postfix.org/TLS_README.html#client_tls_limits
http://www.postfix.org/TLS_README.html#client_tls_may
https://tools.ietf.org/html/rfc7435

-- 
Viktor.
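The distinction Viktor draws above (aNULL drops only the authentication
primitive; eNULL drops encryption; "medium" is a floor on the bulk cipher)
can be made mechanical by parsing the `Kx=`/`Au=`/`Enc=`/`Mac=` columns that
`openssl ciphers -v` prints. The script below is an added example, not code
from the thread or from Postfix; the SAMPLE lines are constructed in the
format of `openssl ciphers -v` output (replace them with the real command's
output to audit your own OpenSSL build), and the `at_least_medium` check is
only the bulk-encryption rule stated in the reply, not Postfix's actual
`tls_medium_cipherlist`.

```python
"""Classify `openssl ciphers -v` lines by the four TLS primitives.

Added example, not from the postfix-users thread or the Postfix project.
"""
import re

# Constructed sample in the shape of `openssl ciphers -v ALL:@STRENGTH`
# output; real output will differ by OpenSSL version.
SAMPLE = """\
ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
ADH-AES256-GCM-SHA384   TLSv1.2 Kx=DH       Au=None Enc=AESGCM(256) Mac=AEAD
AECDH-AES256-SHA        TLSv1   Kx=ECDH     Au=None Enc=AES(256)  Mac=SHA1
DES-CBC3-SHA            SSLv3   Kx=RSA      Au=RSA  Enc=3DES(168) Mac=SHA1
RC4-MD5                 SSLv3   Kx=RSA      Au=RSA  Enc=RC4(128)  Mac=MD5
EXP-RC4-MD5             SSLv3   Kx=RSA(512) Au=RSA  Enc=RC4(40)   Mac=MD5 export
NULL-SHA256             TLSv1.2 Kx=RSA      Au=RSA  Enc=None      Mac=SHA256
"""

LINE_RE = re.compile(
    r"^(?P<name>\S+)\s+(?P<proto>\S+)\s+Kx=(?P<kx>\S+)\s+Au=(?P<au>\S+)\s+"
    r"Enc=(?P<enc>\S+)\s+Mac=(?P<mac>\S+)"
)
# "AESGCM(256)", "3DES(168)", or bare "None" for eNULL suites.
ENC_RE = re.compile(r"^(?P<alg>[A-Za-z0-9]+)(?:\((?P<bits>\d+)\))?$")


def parse_cipher_line(line):
    """Return the primitives one `openssl ciphers -v` line lists."""
    m = LINE_RE.match(line.strip())
    if not m:
        raise ValueError("not an `openssl ciphers -v` line: %r" % line)
    c = m.groupdict()
    e = ENC_RE.match(c["enc"])
    if not e:
        raise ValueError("unparsable Enc= field: %r" % c["enc"])
    c["enc_alg"] = e.group("alg")
    c["enc_bits"] = int(e.group("bits")) if e.group("bits") else 0
    return c


def parse_ciphers(text):
    return [parse_cipher_line(l) for l in text.splitlines() if l.strip()]


def is_anull(c):
    """aNULL: no peer authentication (the Au column), everything else intact."""
    return c["au"] == "None"


def is_enull(c):
    """eNULL: no bulk encryption at all, which is a different thing."""
    return c["enc_alg"] == "None"


def protections(c):
    """(confidentiality, integrity, peer authentication) a suite provides."""
    return (not is_enull(c), c["mac"] != "None", not is_anull(c))


def at_least_medium(c):
    """Bulk-cipher floor as described in the reply: nothing weaker than
    3-DES or 128-bit RC4. Uses the key size OpenSSL reports (3DES shows
    168), so this is an approximation of the grade, not Postfix's list."""
    return not is_enull(c) and c["enc_bits"] >= 128


def summarize(text):
    """Group suite names by the property that actually matters for each."""
    cs = parse_ciphers(text)
    return {
        "anonymous": [c["name"] for c in cs if is_anull(c)],
        "unencrypted": [c["name"] for c in cs if is_enull(c)],
        "below_medium": [c["name"] for c in cs if not at_least_medium(c)],
    }


if __name__ == "__main__":
    for c in parse_ciphers(SAMPLE):
        conf, integ, auth = protections(c)
        print("%-28s conf=%-5s integ=%-5s auth=%-5s medium=%s"
              % (c["name"], conf, integ, auth, at_least_medium(c)))
    print(summarize(SAMPLE))
```

Running it shows why aNULL and eNULL should not be lumped together: the
ADH/AECDH suites still give confidentiality and integrity and only lack
peer authentication, which under `smtp_tls_security_level = may` nobody
is checking anyway, while NULL-SHA256 and the export suite are the ones
the "medium" floor actually removes.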