On 10/19/2013 5:24 PM, Reindl Harald wrote:
Am 20.10.2013 01:58, schrieb Darren Pilgrim:
On 10/18/2013 5:32 AM, Reindl Harald wrote:
this does *not work* with Outlook 2003-2010 on Windows XP
It's not Outlook's fault. Office, IE, etc. all use stunnel which, on XP/2003, is as outdated as OpenSSL 0.9.8.
Enable 3DES to support XP clients
and how does that give you any gain over RC4?s
The cipherspec given disables both. Given a choice, I'd rather have 3DES than RC4.
http://en.wikipedia.org/wiki/Triple_DES#Security http://en.wikipedia.org/wiki/RC4#Security
Umm... did you actually read those? That's a long, varied list of attacks on RC4, whereas 3DES is only vulnerable to the same attacks as all other CBC-mode ciphers. 112-bit encryption is still generally safe for at least a few more years. Well past the point where we don't have to worry about XP anymore.
-- Please reply on list.