On 2016-10-18 at 08:28 +0200, Arkadiusz Miśkiewicz wrote: > On Monday 17 of October 2016, Phil Pennock wrote: > > Or base64-encode it. > > "/" is part of base64 alphabet, so would have to replace that with other > character, too.
You're quite right. I was thinking of the `base64url` encoding from RFC4648; it's used so often that I forgot. Hrm, perhaps Exim should support that too. > I wonder how big performance impact will be there on each connection when > using sha1. sha will be calculated even twice for single connection. Your mail was delivered from the exim.org mail-handling host to my mail-handling host using `TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256`. Gmail's mail-servers record that when you uploaded it to them, your system negotiated `version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128`. SHA1 is faster than the SHA2 family of hashes; if you're calculating SHA2 hashes twice (for HMAC) for every block received over TLS, doing SHA1 twice at the start should not be a concern. -Phil -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
