> On Mar 2, 2017, at 7:43 PM, Wietse Venema <wie...@porcupine.org> wrote:
>
> * Elliptic curve negotiation with OpenSSL <= 1.0.2. This changes
> the default smtpd_tls_eecdh_grade setting to "auto", and
> introduces a new parameter tls_eecdh_auto_curves with the names
> of curves that may be negotiated.
Tiny correction. The EC negotiation is with OpenSSL >= 1.0.2, not
OpenSSL <= 1.0.2. That is, it requires at *least* OpenSSL 1.0.2,
which currently means some patch level of 1.0.2 or 1.1.0.
--
Viktor.
