On 03/11/2014 10:30 AM, Matthias Hunstock wrote:
But looking on your ciphers it seems you are eager on
Forward Secrecy,
which is independent of the TLS version - that doesn't seem to be
supported by perdition right now.
PFS for perdition has been discussed on-list recently by simon and
myself, but i don't think it's integrated upstream at the moment.
a patch is available for those who want it at:
http://lists.vergenet.net/pipermail/perdition-users/2013-October/002669.html
I can happily say that the patch works and i'm using it in production to
provide PFS for IMAP/POP gateways.
Also note that we reenabled MD5-based ciphers because
users with Windows
Mobile based phones couldn't establish secure connections.
interesting. is there published documentation of this limitation of
Windows Mobile?
--dkg