Re: regarding ssl certificates

2019-03-15 Thread Joseph Tam via dovecot
On Thu, 14 Mar 2019, John Tulp wrote: Encryption is just really not that much of a barrier any more. Spoken like someone who hasn't actually tried breaking any of these algorithms. It's not like every, or even most, cryptologists who design these algorithms, or analyze them for

Re: Re: regarding ssl certificates

2019-03-15 Thread Jochen Bern via dovecot
On 03/15/2019 06:03 AM, Gary wrote: > Is there some reason to use a mail.domain.com cert for mail rather than > just using domain.com for everything? > > Historically the subdomains were used because they were on different > hardware. That is www was on one machine and mail was on another.

Re: regarding ssl certificates

2019-03-15 Thread Gary via dovecot
With PKIX validation the certificate should match the hostname. With SMTP, the hostname should match the reverse IP though often it does not. Using subdomains gives you flexibility. With DANE validation, it is DNSSEC that validates the fingerprint to the hostname

Re: regarding ssl certificates

2019-03-15 Thread Michael A. Peters via dovecot
was on another.   Original Message From: dovecot@dovecot.org Sent: March 14, 2019 3:56 PM To: dovecot@dovecot.org Reply-to: jtam.h...@gmail.com Subject: Re: regarding ssl certificates mick crane wrote: Apache2 default install has this snake oil certificate Can make a new one

Re: regarding ssl certificates

2019-03-14 Thread Gary via dovecot
: dovecot@dovecot.org Sent: March 14, 2019 3:56 PM To: dovecot@dovecot.org Reply-to: jtam.h...@gmail.com Subject: Re: regarding ssl certificates mick crane wrote: > Apache2 default install has this snake oil certificate > Can make a new one for apache I won't go over some of the excellent

Re: regarding ssl certificates

2019-03-14 Thread John Tulp via dovecot
On Thu, 2019-03-14 at 15:08 +0100, Stephan von Krawczynski via dovecot wrote: > On Thu, 14 Mar 2019 09:51:14 -0400 > Phil Turmel via dovecot wrote: > > > On 3/14/19 7:40 AM, Stephan von Krawczynski via dovecot wrote: > > > > > Sorry I have to write this, but this is again pointing people in a

Re: regarding ssl certificates

2019-03-14 Thread Joseph Tam via dovecot
mick crane wrote: Apache2 default install has this snake oil certificate Can make a new one for apache I won't go over some of the excellent points in previous posts, but I will mention SAN as a third type of certificate you can make. LetsEncrypt supports this type of certificate. This is

Re: regarding ssl certificates

2019-03-14 Thread Phil Turmel via dovecot
On 3/14/19 10:08 AM, Stephan von Krawczynski via dovecot wrote: Some facts for you, as obviously you have not understood what a CA is worth that is compromised by either hackers or "authorities". If you want to know more, read articles about closing of CA DigiNotar, like:

Re: Re: regarding ssl certificates

2019-03-14 Thread Jochen Bern via dovecot
(Sorry for the broken references, my MUA misplaced the e-mail I'm *actually* replying to.) On 03/14/2019 03:08 PM, Stephan von Krawczynski wrote: > Some facts for you, as obviously you have not understood what a CA is worth > that is compromised by either hackers or "authorities". > If you want

Re: regarding ssl certificates

2019-03-14 Thread Stephan von Krawczynski via dovecot
On Thu, 14 Mar 2019 09:51:14 -0400 Phil Turmel via dovecot wrote: > On 3/14/19 7:40 AM, Stephan von Krawczynski via dovecot wrote: > > > Sorry I have to write this, but this is again pointing people in a fake > > security direction. > > You should be sorry, because you are wrong. > > > The

Re: regarding ssl certificates

2019-03-14 Thread Phil Turmel via dovecot
On 3/14/19 7:40 AM, Stephan von Krawczynski via dovecot wrote: Sorry I have to write this, but this is again pointing people in a fake security direction. You should be sorry, because you are wrong. The only valid authority for a certificate is the party using it. Any third party with

Re: regarding ssl certificates

2019-03-14 Thread Kostya Vasilyev via dovecot
On Thu, Mar 14, 2019, at 2:51 PM, Nikolai Lusan via dovecot wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA512 > > Hi, > > So this question means you need to do some more reading about all SSL/TLS > services. > > On Thu, 2019-03-14 at 10:46 +, mick crane via dovecot wrote: > >

Re: regarding ssl certificates

2019-03-14 Thread Nikolai Lusan via dovecot
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi, So this question means you need to do some more reading about all SSL/TLS services. On Thu, 2019-03-14 at 10:46 +, mick crane via dovecot wrote: > Excuse dopey question. > I'm not exactly clear about certificates. > Apache2 default install

Re: regarding ssl certificates

2019-03-14 Thread Stephan von Krawczynski via dovecot
On Thu, 14 Mar 2019 12:13:15 +0100 "Guido Goluke, MajorLabel via dovecot" wrote: > Op 14-03-19 om 11:46 schreef mick crane via dovecot: > > Excuse dopey question. > > I'm not exactly clear about certificates. > > Apache2 default install has this snake oil certificate > > Can make a new one for

Re: regarding ssl certificates

2019-03-14 Thread Guido Goluke, MajorLabel via dovecot
Op 14-03-19 om 11:46 schreef mick crane via dovecot: Excuse dopey question. I'm not exactly clear about certificates. Apache2 default install has this snake oil certificate Can make a new one for apache Can make one for dovecot Can make one for ssl Is there supposed to be the one (self signed

Re: regarding ssl certificates

2019-03-14 Thread Yassine Chaouche via dovecot
On 3/14/19 11:46 AM, mick crane via dovecot wrote: Excuse dopey question. I'm not exactly clear about certificates. Apache2 default install has this snake oil certificate Can make a new one for apache Can make one for dovecot Can make one for ssl Is there supposed to be the one (self signed )

regarding ssl certificates

2019-03-14 Thread mick crane via dovecot
Excuse dopey question. I'm not exactly clear about certificates. Apache2 default install has this snake oil certificate Can make a new one for apache Can make one for dovecot Can make one for ssl Is there supposed to be the one (self signed ) certificate pair in one place for the machine that