Tighten TLS - usage of specific ssl_ec-curve

Aki Tuomi aki.tuomi at dovecot.fi
Fri Apr 15 07:35:12 UTC 2016



On 14.04.2016 20:55, Martin wrote:
> Hi folks, at first: thanks very much for the great piece of software!
>
> I have a proposal to tighten the TLS security: enable the usage of a specific ec-curve in the 10-ssl.conf, e.g.
>
> 	ssl_ec-curve = secp384r1
>
>
> Reason: I use a 384 bit EC server key, but dovecot uses "only" a prime256v1 curve.
>
>
> Keygen was:
> f=dovecot; openssl ecparam -name secp384r1 -genkey -out $f.key
> openssl req -new -x509 -key $f.key -out ${f}.crt -days 2000 -sha512
>
>
> Server check gives:
> prio  ciphersuite                    protocols  pfs                 curves
> 1     ECDHE-ECDSA-AES128-GCM-SHA256  TLSv1.2    ECDH,P-256,256bits  prime256v1
> 2     ECDHE-ECDSA-AES128-SHA256      TLSv1.2    ECDH,P-256,256bits  prime256v1
> 3     ECDHE-ECDSA-AES128-SHA         TLSv1.2    ECDH,P-256,256bits  prime256v1
> 4     ECDHE-ECDSA-AES256-GCM-SHA384  TLSv1.2    ECDH,P-256,256bits  prime256v1
> 5     ECDHE-ECDSA-AES256-SHA384      TLSv1.2    ECDH,P-256,256bits  prime256v1
> 6     ECDHE-ECDSA-AES256-SHA         TLSv1.2    ECDH,P-256,256bits  prime256v1
>
> Certificate: UNTRUSTED, 384 bit, ecdsa-with-SHA512 signature
>
>

Thank you for your suggestion, we will take it under consideration as we 
are improving security settings for next major release.

Aki Tuomi
Dovecot oy


More information about the dovecot mailing list