> The name "CHACHA20" matches any ciphersuite that uses that stream > cipher for the bulk crypto:
Sounds like a group. > $ /opt/openssl/1.1.0/bin/openssl ciphers -V CHACHA20 Ok so 'documented' by openssl directly, nothing Postfix specific. > 0xCC,0xA9 - ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH > Au=ECDSA Enc=CHACHA20/POLY1305(256) Mac=AEAD > 0xCC,0xA8 - ECDHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH > Au=RSA Enc=CHACHA20/POLY1305(256) Mac=AEAD > 0xCC,0xAA - DHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=DH Au=RSA > Enc=CHACHA20/POLY1305(256) Mac=AEAD ... > The four PSK variants can't be used by most TLS applications > (including Postfix), so in practice CHACHA20 means just the first > three. And subgroups? If for any group of ciphers to be used in Postfix I want to only ever use EC ciphers, so eg "in practice" here, only the 1st two? Some shorthand for "EC only"? I never really checked. Is crypto for Postfix always/only provided by OpenSSL? So naming for cipherlists, and related shorthand, is OpenSSL-specific and so we look to OpenSSL for the docs? Or is that set at a standards level and naming is consistent across Postfix, Openssl and all other crypto? > > Specify "smtp_tls_CApath = /path/to/system_CA_directory" to use > > ONLY the system-supplied default Certification Authority > > certificates. ... > > Then it > > > > won't ONLY use sys default CA certs > > No, it will trust no CAs at all. A pox on all their houses. Ok. That makes more sense. That's not what I got from reading that section. It read to me like if you don't specify it it doesn't ONLY use ... > As for "tls_append_default_CA = no". These have been the default > setting for ages. Sure. I don't actually set it explicitly on my setup. Like you say it's the default. > $ postconf -d smtp_tls_CApath tls_append_default_CA > smtp_tls_CApath = > tls_append_default_CA = no > > > So what exactly IS it gonna do? > > Not trust any CAs. When you want to authenticate some peer, use > the "tafile" feature of the policy table to specify a sensible list > of trust-anchors for that peer. Ok. > Enabling the system-default cert store will only make sense in the > context of SMTP STS, if/when Postfix has support for that. Sadly, > the large providers (Google, Yahoo, Microsoft, ...) have difficulties > combining DNSSEC with their load-balancing infrastructure, so they > are pushing STS, with all its flaws, but arguably better than > nothing... SMTP STS hadn't even heard of yet. DNSSEC is on my todo list.
