TLS config check
Robert Schetterer
rs at sys4.de
Sat Feb 7 10:15:56 UTC 2015
Am 07.02.2015 um 11:05 schrieb SW:
>
>> Short: See my last answer - secure is never a black or white decission.
>> The chosen cypher will protect your traffic and its better than plain
>> text.
>>
>> Long: The client negotiates the supported ciphers with the server and
>> chooses one that fits for him. I *guess* that k9/anroid simply does not
>> support the GCM cipher and therefore uses another one. To get the "best"
>> result you need to list up all supported ciphers of your client and
>> server and choose one, but be warned that if you ask two analyst, you
>> might not get the same answer which is "best" as this dependes on the
>> kind of threats you want to take care of
>>
>>
>> Oliver
>>
>
> Thanks Oliver.
>
> I had a look at:
>
> https://www.ssllabs.com/ssltest/viewClient.html?name=Android&version=4.4.2
>
> And Android 4.4.2 does support:
>
> ECDHE-ECDSA-AES128-GCM-SHA256
>
> So why then does K9 not connect using GCM? Could K9 mail not support
> this cipher? If Android supports it does this mean that K9 mail will
> support it too?
K9 questions should go to
https://code.google.com/p/k9mail/issues/list
>
> Just trying to figure out WHY I can't get K9 to use GCM!
Best Regards
MfG Robert Schetterer
--
[*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein
More information about the dovecot
mailing list