On Wed, 24 Aug 2016, Jeremy Harris wrote:
On 23/08/16 20:03, Phillip Carroll wrote:
The
fact that "tls_privatekey" must be readable by exim I presume is for
using STARTTLS for sending messages, although the TLS error message
about the "tls_privatekey" path occurred on a received message. (I
questioned the need for access to the private key to receive a message,
not considering usage in the other direction.)
The Exim code telling the OpenSSL library about the private-key is in
a routine common to both server and client initialisation.
It's a fair point; we might consider making it direction-aware to
reduce the attack surface (even though most installations will be
doing both directions).
When a MUA connects to an MTA the client will use the server's
public key, and the server will need its private key to receive
the plain text of the message, or am I mistaken ?
OK, exim will (probably) know which certificate to use when it
opens the listening socket, so will have root and be able to
read the private key.
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
