22 Sep
2013
22 Sep
'13
2:20 a.m.
On 11.9.2013, at 20.10, Frank Behrens <frank@pinky.sax.de> wrote:
Hi Emmanuel!
Am 10.09.2013 09:54, schrieb Emmanuel Dreyfus:
Hi
Is there known advices on how to favor PFS with dovecot?
In Apache, I use the following directives, with cause all modern browsers to adopt 256 bit PFS ciphers, while keeping backward compatibility with older browsers and avoiding BEAST attack: SSLProtocol all -SSLv2 SSLHonorCipherOrder On
"SSLHonorCipherOrder" is not yet supported in dovecot. I use the following hack/patch:
Added: http://hg.dovecot.org/dovecot-2.2/rev/897484f45a87
(Setting name copied from nginx.)