On Sat, 09 Jan 2016 03:57:24 -0800, Clint Pachl <[email protected]> wrote:
Tom Smyth wrote on 01/08/16 16:40:
Besides, do we want to have a mail system that is so secure that a large
portion of legacy systems can't negotiate security and therefore can't
send mail to our servers...
I think options / enforced by default options like this could
seriously hurt adoption of OpenSMTPD
I think sacrificing security for adoption is a bad trade-off and does
not align with the OpenBSD ecosystem. I believe "secure by default" and
"proactive security" do align with the OpenBSD ecosystem.
Read http://www.openbsd.org/security.html
"OpenBSD believes in strong security. Our aspiration is to be NUMBER ONE
in the industry for security (if we are not already there)."
I just wanted to say that @reyk and the devs working on httpd(8) made
the default protocol TLSv1.2 only. However, they also have a knob.
Clint, I couldn't agree more. In the post-Snowden era it's incredibly
frustrating to see 2nd and 3rd class, weak and obsolete crypto protocols
in use right up until the inevitable devastating attack that becomes
public and makes a news splash.
I used a compile-time hack to disable TLSv1 on my servers a while ago [1]
and can you guess the only two email services I found in the logs that
stopped being able to deliver email? Discover.com and Paypal.com, two
financial services companies, what a joke.
I think the approach reyk took with httpd, supporting only TLSv1.2 by
default is the correct one. If people insist on shooting a hole in their
security foot to support obsolete clients and organizations with crap
security like Discover.com and Paypal.com, so be it, give them a knob to
do so, but don't let them do it unknowingly.
[1] https://www.mail-archive.com/misc%40opensmtpd.org/msg02326.html