Viktor

On Wed, Nov 7, 2018, at 8:34 AM, Viktor Dukhovni wrote:
> ...

Thx for the clarifications!

> That's TLS 1.3, which as I mentioned is a different beast. It
> always does PFS, and never RSA key exchange, but this is not reflected
> in the cipher name, because the ciphers no longer specify the key
> exchange method.

ah! missed/misunderstood that completely!

Re: this particular, *internal* connection,

	/var/log/postfix/postfix.log:Nov 4 15:21:45 mx postfix/postscreen-internal/smtpd[15675]: Anonymous TLS connection established from mx.example.com[XX.XX.XX.XX]: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)

i.e., 'between' *my* external/postscreen listener instance and *my* internal/after-postscreen smtpd instance, does it make any particular difference/improvement to explicitly change/limit that cipher to a single, mandatory choice?

given that it *IS* tls1.3 with PFS, my inclination is simply ... leave it be.

> No, you just did not read my post carefully enough... :-)

yeah, yeah, we've been OVER that already. wouldn't be the *1st* time! ;-)

( in my own "defense" 'careful reading' does not _necessarily_ always equate to 'correct understanding' :-) )

> The TLS 1.3 connections are out of scope and can be ignored.

Got it.

> Outbound, I still see a handful of kRSA connections to sites that
> don't have PFS turned on:
>
>       6 omgi.iij.ad.jp AES128-GCM-SHA256
>       1 nibbler.inwx.net AES256-GCM-SHA384
>
> and it is the *server* operator's job to define the appropriate
> policy for their own keys/certs. So I would not at this time suggest
> any similar exclusion for the SMTP client.
>
> Keep in mind that TLS in SMTP is still predominantly opportunistic,
> and generally even less than perfect encryption is still better
> than none.

Yep. That message is certainly clear enough. And a good reminder, nonetheless, of the assumptions about TLS usage in SMTP 'vs' in webserver.

<rant>Even though, TBH, I've 'had it' with lazy AND sloppy server admins, and would LIKE to erase them from my server interactions.
I don't mind broken -- I do my own fair share of that! -- as long as you're at least 'trying' to keep current/secure.</rant>
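
An added example, not part of the original message or of Postfix: one way to produce the kind of per-host kRSA tally quoted above from Postfix "TLS connection established" log lines, treating TLSv1.3 as always forward-secret because its cipher names carry no key exchange. The sample log lines, hosts and addresses are constructed, and the prefix lists are a heuristic based on OpenSSL cipher naming.

```python
import re
from collections import Counter

# Postfix "TLS connection established" lines: inbound (smtpd) and outbound (smtp).
TLS_LINE = re.compile(
    r"TLS connection established (?P<dir>from|to) "
    r"(?P<host>[^\[\s]+)\[[^\]]*\](?::\d+)?: "
    r"(?P<proto>\S+) with cipher (?P<cipher>\S+)"
)
# OpenSSL name prefixes for ephemeral (EC)DH key exchange (forward secrecy).
PFS_PREFIXES = ("ECDHE-", "DHE-", "EDH-", "ADH-", "AECDH-")
# Other non-RSA key exchanges, counted separately rather than as kRSA.
OTHER_PREFIXES = ("ECDH-", "DH-", "PSK-", "RSA-PSK-", "SRP-")

def key_exchange(proto, cipher):
    """Classify one connection as 'pfs', 'kRSA' or 'other'."""
    # TLS 1.3 cipher names do not encode the key exchange; it is always (EC)DHE.
    if proto == "TLSv1.3" or cipher.startswith(PFS_PREFIXES):
        return "pfs"
    if cipher.startswith(OTHER_PREFIXES):
        return "other"
    return "kRSA"  # heuristic: no key-exchange prefix means RSA key transport

def tally(lines):
    """Return (counts per class, counts of kRSA by (direction, host, cipher))."""
    classes, krsa = Counter(), Counter()
    for line in lines:
        m = TLS_LINE.search(line)
        if not m:
            continue  # not a TLS summary line
        kx = key_exchange(m["proto"], m["cipher"])
        classes[kx] += 1
        if kx == "kRSA":
            krsa[(m["dir"], m["host"], m["cipher"])] += 1
    return classes, krsa

# Constructed sample log lines (hosts and addresses are placeholders).
SAMPLE_LOG = """\
Nov  4 15:21:45 mx postfix/smtpd[15675]: Anonymous TLS connection established from mx.example.com[192.0.2.10]: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
Nov  4 15:22:01 mx postfix/smtp[15702]: Trusted TLS connection established to mail.example.net[198.51.100.7]:25: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Nov  4 15:23:10 mx postfix/smtp[15710]: Untrusted TLS connection established to mx1.example.org[203.0.113.5]:25: TLSv1.2 with cipher AES128-GCM-SHA256 (128/128 bits)
Nov  4 15:24:30 mx postfix/smtp[15711]: Untrusted TLS connection established to mx1.example.org[203.0.113.5]:25: TLSv1.2 with cipher AES128-GCM-SHA256 (128/128 bits)
Nov  4 15:25:02 mx postfix/smtp[15712]: Untrusted TLS connection established to mx2.example.org[203.0.113.9]:25: TLSv1.2 with cipher AES256-GCM-SHA384 (256/256 bits)
Nov  4 15:25:03 mx postfix/qmgr[1201]: 4F2A1C0: removed
""".splitlines()

if __name__ == "__main__":
    for (direction, host, cipher), n in tally(SAMPLE_LOG)[1].most_common():
        print(f"{n:6d} {direction} {host} {cipher}")
```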