On Sat, Jul 13, 2019 at 02:16:22PM +0100, Russell King via Exim-users wrote:
> Maybe someone can provide some hints what Key Usage should be set for an > exim server certificate. According to Red Hat's website: > > > https://access.redhat.com/documentation/en-US/Red_Hat_Certificate_System/8.0/html/Admin_Guide/Standard_X.509_v3_Certificate_Extensions.html > > leads me to think that only keyEncipherment and keyAgreement need be > set - this is what I had originally, and gnutls refused to offer any > EC ciphers. For RSA certs what you should have is: 1. digitalSignature: Allows the server to perform authenticated ephemeral Diffie-Hellman key exchange, by signining the key exchange messages. 2. ?keyExcipherment: Allows the server to use legacy RSA "key transport". This does not offer forward- secrecy, and may be vulnerable to various side-channel attacks when implementations don't handle both good and bad keys in constant time. So best avoided, but not offering RSA key transport may break interoperability with very old non-PFS clients. At some point (perhaps already in the past) you'll want *just* 1, but for now perhaps also 2. > Adding digitalSignature and nonRepudiation to the cert seems to have > allowed gnutls to enable EC ciphers, but I don't understand why based > on the description above. The nonRepudiation bit is not relevant. TLS is not used for content commitment (signing contracts, ...). -- Viktor. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
