List, good afternoon,
I was reading up on a TLS Diffie Hellman protocol weakness described here
https://weakdh.org/sysadmin.html
which is similar to the earlier FREAK attack, and can result in downgrade of cipher suites.
Part of the solution workaround that the researchers describe for Dovecot here
https://weakdh.org/sysadmin.html
includes altering DH parameters length to 2048, and re-specifying the allowable cipher suites - they give their suggestion.
But the researchers make no comment on the allowable protocols that, in Dovecot, are controlled in 10-ssl.conf in the stanza headed
# SSL protocols to use #ssl_protocols = !SSLv2
I couldn't find any advice on up-to-date SSL/TLS protocol settings in the Dovecot wiki, either (I looked in http://wiki2.dovecot.org/SSL/DovecotConfiguration ).
At the moment our installation is using only the default settings for allowed protocols; I'm not sure what those defaults might be, but our 10-ssl.conf may only be disallowing SSLv2, if the 'example' entry is the default. We're running 2.2.15, and are due to upgrade to 2.2.18 shortly; quite possibly the defaults differ in a more recent release.
What SSL protocols do folk on the list recommend should be allowed in Dovecot these days? (Actually, I mean which protocols really 'must' be disallowed?)
regards, Ron