Re: are rsa certs/keys still needed/recommended for use in postfix? or can just ecc be relied on?
On Mo, Jun 01, 2020 at 20:28:12 -0700, PGNet Dev wrote:
> for websites it seems that, for all practical purposes, ecc ssl certs are all that's needed anymore
> does the same hold true for smtp(d)?

That depends. The AVM Fritzbox for example can only use RSA, so if your Fritzbox should send mail reports via submission and STARTTLS, it will break without RSA keys/certs on the postfix server.

Shade and sweet water!
Stephan

-- 
|If your life was a horse, you'd have to shoot it.|
Re: are rsa certs/keys still needed/recommended for use in postfix? or can just ecc be relied on?
On 1 Jun 2020, at 23:28, PGNet Dev wrote:
> and, have seen no immediately adverse effects in mail flow. far from robust testing at this point

You won't see enough change in overall flow to see a difference above regular noise. What you need to look at is how senders actually connect.

> i don't have any idea of what the stats are; thought best to ask -- as for mail, it's still arguably hit-and-miss for deliverability with disabling 'older tech' ciphers, etc., depending on your service case.

Set "smtpd_tls_loglevel = 1" to get smtpd to record the cryptographic parameters of every TLS connection and you will have enough depth of data to make a decision.

> is it safe/recommended to not bother with the rsa certs anymore?

I haven't tried it, but I would guess that it is not entirely safe. I still see some senders connecting with TLSv1.0, which implies the use of badly outdated and flawed TLS implementations. I don't think it is a good idea to see how many of those (and the TLSv1.3 clients who still use RSA) will break if I narrow what Postfix will accept.

-- 
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not For Hire (currently)
are rsa certs/keys still needed/recommended for use in postfix? or can just ecc be relied on?
for websites it seems that, for all practical purposes, ecc ssl certs are all that's needed anymore

cref e.g. comments at
  https://www.thesslstore.com/blog/you-should-be-using-ecc-for-your-ssl-tls-certificates/

  " ... All modern Operating Systems and Browsers support ECC ..."

for my sites, i don't care about failing service to those using old browsers.

does the same hold true for smtp(d)?

in postfix, i've had for the longest time overrides in my main.cf,

  smtpd_tls_eckey_file  = /etc/ssl/postfix/privkey_ec.pem
  smtpd_tls_eccert_file = /etc/ssl/postfix/fullchain.ec.crt.pem
  smtpd_tls_key_file    = /etc/ssl/postfix/privkey_rsa.pem
  smtpd_tls_cert_file   = /etc/ssl/postfix/fullchain.rsa.crt.pem

with letsencrypt happily renewing both the ecc & rsa algo certs,

as a 1st test i removed

    smtpd_tls_eckey_file  = /etc/ssl/postfix/privkey_ec.pem
    smtpd_tls_eccert_file = /etc/ssl/postfix/fullchain.ec.crt.pem
  - smtpd_tls_key_file    = /etc/ssl/postfix/privkey_rsa.pem
  - smtpd_tls_cert_file   = /etc/ssl/postfix/fullchain.rsa.crt.pem

which iiuc drop back to 'empty' defaults of

  postconf -d smtpd_tls_key_file smtpd_tls_cert_file
    smtpd_tls_key_file = $smtpd_tls_cert_file
    smtpd_tls_cert_file =

and, have seen no immediately adverse effects in mail flow. far from robust testing at this point ...

i don't have any idea of what the stats are; thought best to ask -- as for mail, it's still arguably hit-and-miss for deliverability with disabling 'older tech' ciphers, etc., depending on your service case.

is it safe/recommended to not bother with the rsa certs anymore?
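The question above, and Bill Cole's advice in the reply to set "smtpd_tls_loglevel = 1" and look at how senders actually connect, come down to one measurement: of the peers that negotiate TLS with smtpd, how many authenticated the server with the RSA certificate rather than the ECDSA one. The script below is an added example, not code from this thread or from the Postfix project. It assumes the "TLS connection established" line smtpd writes at loglevel 1, including the "key-exchange ... server-signature ..." fields that newer Postfix releases append (needed for TLSv1.3, whose cipher names no longer reveal the certificate type), and the log lines it runs over are constructed samples with documentation addresses.

```python
import re
from collections import Counter

# Constructed sample of smtpd log lines as written with smtpd_tls_loglevel = 1.
# Hostnames and addresses are made up; the last line is not a TLS line at all.
SAMPLE_LOG = """\
Jun  2 10:01:02 mx postfix/smtpd[1201]: Anonymous TLS connection established from mail.example.net[192.0.2.10]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Jun  2 10:03:15 mx postfix/smtpd[1207]: Anonymous TLS connection established from mta.example.org[198.51.100.7]: TLSv1.2 with cipher ECDHE-ECDSA-AES128-GCM-SHA256 (128/128 bits)
Jun  2 10:05:44 mx postfix/smtpd[1213]: Anonymous TLS connection established from relay.example.com[203.0.113.5]: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256
Jun  2 10:07:09 mx postfix/smtpd[1219]: Anonymous TLS connection established from fritz.box.example[203.0.113.77]: TLSv1 with cipher AES256-SHA (256/256 bits)
Jun  2 10:09:30 mx postfix/smtpd[1225]: Anonymous TLS connection established from legacy.example.net[192.0.2.55]: TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256
Jun  2 10:11:00 mx postfix/smtpd[1231]: connect from unknown[192.0.2.99]
"""

# "Anonymous"/"Untrusted"/"Trusted"/"Verified" describes the *client* cert;
# the server-signature field (when present) names the algorithm of the
# certificate smtpd itself presented.
LINE_RE = re.compile(
    r"postfix/smtpd\[\d+\]: (?P<trust>\w+) TLS connection established from "
    r"(?P<peer>\S+): (?P<proto>\S+) with cipher (?P<cipher>\S+) \([^)]*\)"
    r"(?:.*?server-signature (?P<sig>\S+))?"
)


def server_auth(cipher, sig):
    """Work out which server certificate type authenticated the session."""
    if sig:
        # TLSv1.3 (and newer Postfix on TLSv1.2): RSA-PSS / ECDSA / Ed25519 ...
        return "RSA" if sig.startswith("RSA") else sig
    # Older log format: derive it from the OpenSSL cipher name instead.
    if "ECDSA" in cipher:
        return "ECDSA"
    if "DSS" in cipher:
        return "DSA"
    if cipher.startswith("TLS_"):
        return "unknown"          # TLSv1.3 suite without the signature field
    if "ADH" in cipher or "AECDH" in cipher:
        return "none"             # anonymous DH: no certificate used at all
    # ECDHE-RSA-*, DHE-RSA-* and plain static-RSA suites such as AES256-SHA
    return "RSA"


def parse_tls_line(line):
    """Return a dict for a TLS-established line, or None for any other line."""
    m = LINE_RE.search(line)
    if not m:
        return None
    return {
        "peer": m["peer"],
        "proto": m["proto"],
        "cipher": m["cipher"],
        "auth": server_auth(m["cipher"], m["sig"]),
    }


def summarize(log_text):
    """Count sessions by server-auth type and protocol; list peers that used RSA."""
    by_auth, by_proto, rsa_peers = Counter(), Counter(), []
    for line in log_text.splitlines():
        rec = parse_tls_line(line)
        if rec is None:
            continue
        by_auth[rec["auth"]] += 1
        by_proto[rec["proto"]] += 1
        if rec["auth"] == "RSA":
            rsa_peers.append(rec["peer"])
    return {"by_auth": dict(by_auth), "by_proto": dict(by_proto), "rsa_peers": rsa_peers}


if __name__ == "__main__":
    # Stand-alone: feed it the sample; in practice read the mail log instead.
    result = summarize(SAMPLE_LOG)
    print("server auth:", result["by_auth"])
    print("protocols:  ", result["by_proto"])
    print("peers that relied on the RSA cert:")
    for peer in result["rsa_peers"]:
        print("  ", peer)
```

Read the output with the thread's caveat in mind: when both an RSA and an ECDSA certificate are configured, a peer that still ends up authenticating with RSA (and even more so one that only offers TLSv1.0 or a static-RSA suite like AES256-SHA, the Fritzbox case from the first reply) is the one that would lose TLS, or the connection, if the RSA pair were dropped. Run it over a few weeks of logs before deciding; a single day will miss the low-volume senders.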