8 Mar
2026
8 Mar
'26
12:24 p.m.
On 2026/03/08 03:19, Steve Litt via dovecot wrote:
On my new Dovecot 2.4.2 IMAP server, which when completed will be accessible only via SSL, I plan to use Curve25519/Ed25519 self-signed-cert/private-key. Is there any reason this would be a mistake?
Who will be "talking to" your Dovecot server?
From a crypto point of view, curve25519/ed25519 is fine, of course.
The "self-signed" part of your certificate means that clients that want to connect to your IMAP server will have to manually accept your certificate.
Do you control all the IMAP clients, so that this can be managed?
I hope this helps.
Edmund-- Edmund Lodewijks <edmund@proteamail.com> TZ: UCT+2 / GMT+2