On 9/24/20 9:13 PM, Viktor Dukhovni wrote:
> On Thu, Sep 24, 2020 at 08:30:35PM -0700, PGNet Dev wrote:
> Is that really the session you intended to capture.
Interestingly phrased!
The intention was to capture the tcp data 'thru' the failed event.
That^^ is the data streamed to console, with th
On Thu, Sep 24, 2020 at 08:30:35PM -0700, PGNet Dev wrote:
> for this instance with
>
> dovecot --version
> 2.3.10.1 (a3d0e1171)
> postconf mail_version
> mail_version = 3.5.7
> openssl version
> OpenSSL 1.1.1g FIPS 21 Apr 2020
>
>
On 9/24/20 7:32 PM, Viktor Dukhovni wrote:
> On Thu, Sep 24, 2020 at 06:43:05PM -0700, PGNet Dev wrote:
>
>> Been awhile since I 'de-noised' a comms dump; I'll dust off my notes, & work
>> on getting a useful/relevant PCAP file ...
>
> # tcpdump -s0 -w /some/file tcp port 12345
thx, was al
On Thu, Sep 24, 2020 at 06:43:05PM -0700, PGNet Dev wrote:
> Been awhile since I 'de-noised' a comms dump; I'll dust off my notes, & work
> on getting a useful/relevant PCAP file ...
# tcpdump -s0 -w /some/file tcp port 12345
^C
# tcpdump -r /some/file 'tcp[13] & 0x12 == 2'
On 9/24/20 5:51 PM, Viktor Dukhovni wrote:
>> again, the _only_ change between the two submissions is the addition of the
>> "ServerPreference" option to the openssl.cnf config.
>
> This looks like the protocol version is no longer TLS 1.3 as a result,
> and one side or the other now expects or s
On Thu, Sep 24, 2020 at 07:43:04AM -0700, PGNet Dev wrote:
> > I'd be tempted to drop most if not all of those settings, they're not
> > email-friendly.
>
> PUBLIC email non-friendly, because of still-frequent old cipher/protocol
> implementations?
>
> or,
>
> inherently problematic with TLS
> I'd be tempted to drop most if not all of those settings, they're not
> email-friendly.
PUBLIC email non-friendly, because of still-frequent old cipher/protocol
implementations?
or,
inherently problematic with TLS in/onr SMTP?
in this case, there's nothing public ... both the dovecot and po
On Wed, Sep 23, 2020 at 02:11:50PM -0700, PGNet Dev wrote:
> /etc/pki/tls/openssl.cnf
> openssl_conf = default_conf
>
> [default_conf]
> ssl_conf = ssl_sect
>
> [ssl_sect]
> system_default = system_default_sect
>
>
> I think it would be better to just add a comment that the older branch
> changes are tracked elsewhere.
The note is already present, it's in the second paragraph of
https://www.openssl.org/news/changelog.html
but it is confusing nevertheless and it would be more useful if the
entire information
On Thu, 2020-09-24 at 07:01 +, Dr. Matthias St. Pierre wrote:
> > On 22/09/2020 15:03, Michael Wojcik wrote:
> > > changelog.html hasn't been updated since 1.1.1e.
> > >
> > > https://www.openssl.org/news/changelog.html#openssl-111 shows:
> >
> > That's the master Changelog. Confusing I know.
> On 22/09/2020 15:03, Michael Wojcik wrote:
> > changelog.html hasn't been updated since 1.1.1e.
> >
> > https://www.openssl.org/news/changelog.html#openssl-111 shows:
>
> That's the master Changelog. Confusing I know.
>
> The link to the 1.1.1 Changelog is at the top of the page.
It is indeed
11 matches
Mail list logo
