If you're soliciting client "certificates" and any associated access> checks
are (wisely) keyed by a digest of just the public key (rather
than the full certificate), consider also setting:
smtpd_tls_enable_rpk = yes
Which would reduce bload in the client-to-server direction for any
ML-DSA client public keys.
sigh. that's _another_ one i've managed to be completely unaware of.
https://www.postfix.org/postconf.5.html#smtp_tls_enable_rpk
it's now on my read-up list. thx o/
You're welcome, good luck. With PQC, keep in mind that you're
volunteering to be a guineapig for as yet unproven new technology.
...
might be valuable experience to have under your belt, but isn't
especially beneficial at present.
( sure. though, in several verticals it's already an issue in meetings; rarely rational
or justified, atm, but it's definitely already a latest "bright-n-shiny"
object).
i generally try to wrap my head-around scope/effort/gotchas re: what will be
expected here eventually.
often as that ... 'test subject' ... on my own boxes.
staff very much prefer i suffer first ;-)
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
