-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
my speculate was, it leaves too less ciphers left OK, but does the old dovecot/openssl version provide less ciphers than the new install? I'm not too familiar with what ciphers ship with OpenSSL in what version. My naive assumption is, a new version ships with more ciphers, hence this shouldn't be an issue. (Unless there is a new bug in a cipher.)
Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options I just learned, there is a tool called gpedit.msc on win8 :) "Use FIPS compliant algorithms for encryption, hashing, and signing" is disabled on my machine. From what I understand this indicates, that it can use more/all available ciphers.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SecEdit\Reg Values\MACHINE/System/CurrentControlSet/Control/Lsa/FIPSAlgorithmPolicy/Enabled I can find this key (it is set to DisplayType=0 and ValueType=4) but I don't understand what I can change there and what this setting indicates. Needless to say that my windows administration knowledge is limited.
Regards, Sebastian -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlNsddIACgkQR7+YB0QzbnohewCeN3SA2or/T60AGhBBcrGXRsFQ kW4An2xxuHdhnUIY9xVfD43LiFo0yJkq =63Av -----END PGP SIGNATURE-----