On 14.04.2016 20:55, Martin wrote:
Hi folks, at first: thanks very much for the great piece of software!
I have a proposal to tighten the TLS security: enable the usage of a specific
ec-curve in the 10-ssl.conf, e.g.
ssl_ec-curve = secp384r1
Reason: I use a 384 bit EC server key, but dovecot uses "only" a prime256v1
curve.
Keygen was:
f=dovecot; openssl ecparam -name secp384r1 -genkey -out $f.key
openssl req -new -x509 -key $f.key -out ${f}.crt -days 2000 -sha512
Server check gives:
prio  ciphersuite                    protocols  pfs                 curves
1     ECDHE-ECDSA-AES128-GCM-SHA256  TLSv1.2    ECDH,P-256,256bits  prime256v1
2     ECDHE-ECDSA-AES128-SHA256      TLSv1.2    ECDH,P-256,256bits  prime256v1
3     ECDHE-ECDSA-AES128-SHA         TLSv1.2    ECDH,P-256,256bits  prime256v1
4     ECDHE-ECDSA-AES256-GCM-SHA384  TLSv1.2    ECDH,P-256,256bits  prime256v1
5     ECDHE-ECDSA-AES256-SHA384      TLSv1.2    ECDH,P-256,256bits  prime256v1
6     ECDHE-ECDSA-AES256-SHA         TLSv1.2    ECDH,P-256,256bits  prime256v1
Certificate: UNTRUSTED, 384 bit, ecdsa-with-SHA512 signature
Thank you for your suggestion, we will take it under consideration as we
are improving security settings for next major release.
Aki Tuomi
Dovecot oy
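
A check for the mismatch reported in the thread above, added here as an example and not part of either message or of Dovecot: it parses scan output in the layout quoted above and lists the suites whose ECDH key-exchange curve is smaller than the certificate key. The function names are this example's own, and the embedded sample is copied from the quoted scan.

```python
import re

# Sample input: the server check output quoted in the message above.
SCAN = """\
prio ciphersuite protocols pfs curves
1 ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 ECDH,P-256,256bits prime256v1
2 ECDHE-ECDSA-AES128-SHA256 TLSv1.2 ECDH,P-256,256bits prime256v1
3 ECDHE-ECDSA-AES128-SHA TLSv1.2 ECDH,P-256,256bits prime256v1
4 ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 ECDH,P-256,256bits prime256v1
5 ECDHE-ECDSA-AES256-SHA384 TLSv1.2 ECDH,P-256,256bits prime256v1
6 ECDHE-ECDSA-AES256-SHA TLSv1.2 ECDH,P-256,256bits prime256v1
Certificate: UNTRUSTED, 384 bit, ecdsa-with-SHA512 signature
"""

ROW = re.compile(r"^(\d+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(\S+)$")
CERT = re.compile(r"^Certificate:.*?(\d+)\s*bit\b")
PFS_BITS = re.compile(r"(\d+)bits$")


def parse_scan(text):
    """Return (rows, cert_bits) from scan output in the layout shown above."""
    rows, cert_bits = [], None
    for line in (l.strip() for l in text.splitlines()):
        cert = CERT.match(line)
        if cert:
            cert_bits = int(cert.group(1))
            continue
        row = ROW.match(line)
        if not row:
            continue  # header line or anything that is not a numbered suite row
        prio, suite, proto, pfs, curves = row.groups()
        bits = PFS_BITS.search(pfs)
        rows.append({"prio": int(prio), "suite": suite, "protocols": proto,
                     "pfs": pfs, "pfs_bits": int(bits.group(1)) if bits else None,
                     "curves": curves.split(",")})
    return rows, cert_bits


def weaker_than_cert(text):
    """Suites whose ECDH curve size is below the certificate key size.

    Assumption: the certificate key is an EC key, so both sizes are curve
    sizes and comparable; non-ECDH key exchange rows are skipped.
    """
    rows, cert_bits = parse_scan(text)
    if cert_bits is None:
        raise ValueError("no Certificate line found in scan output")
    return [r for r in rows
            if r["pfs"].startswith("ECDH") and r["pfs_bits"] is not None
            and r["pfs_bits"] < cert_bits]
```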