Erik Kangas, Ph.D. wrote:
Has anyone found a way to get the Diffie Hellman TLS v1.2 ciphers (e.g.
DHE-RSA-AES256-GCM-SHA384) to work with UW IMAP / Panda IMAP?
In order to perform a DH key exchange the server must use a DH group (DH
parameters) and generate a DH key.
UW IMAP neither generate DH parameters on the fly nor supply the
parameters - thus no DHE can be negotiated.
You may patch the code and use SSL_CTX_set_options(3) to set
SSL_OP_SINGLE_DH_USE option, but generating DH parameters on the fly is
extremely time consuming.
Dan
_______________________________________________
Imap-uw mailing list
[email protected]
http://mailman13.u.washington.edu/mailman/listinfo/imap-uw
