On Tue, Dec 05, 2006 at 05:18:25PM +0100, Hanno 'Rince' Wagner wrote: > I also have a Sony-Ericsson P990i (Germany, non-branded by a phone > provider)
The P990i seems to have issues when connecting to a GnuTLS server. We have verified this by having the phone connect to gnutls-serv. The phone and gnutls-serv negotiate TLS 1.0 with AES128 and SHA-1, and this seems to be the culprit. The phone does not support TLS 1.1. The connection works fine when gnutls-serv is configured to use SSL3.0 instead of TLS 1.0, and it works as well when TLS1.0 is allowed but SHA-1 is forbidden. Unfortunately, the cipher falls back to ARCFOUR when SHA-1 is forbidden. In exim, the MAC can only be influenced by modifying the actual source code, and I have verified that an exim compiled with SHA-1 disabled in the sources can talk to Hanno's phone. The GnuTLS people are in on this, and I'll report back as soon as we have new findings. Greetings Marc -- ----------------------------------------------------------------------------- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]