Re: [exim] DANE(TA) doesn't work with self signed certificate

2018-09-09 Thread Klaus Ethgen via Exim-users
Hi, for my installation I can assure that exim is linked to gnutls (libgnutls-dane0 + libgnutls30, currently installed with version 3.5.8). After installing gnutls-bin (and for the undocumented dependencies dns-root-data) and disabling of the root

Re: [exim] DANE(TA) doesn't work with self signed certificate

2018-09-07 Thread Viktor Dukhovni via Exim-users
> On Sep 7, 2018, at 1:32 PM, Andreas Metzler via Exim-users > wrote: > > Are you positive that this is a problem in GnuTLS and not in a problem > in exim's usage of gnutls-dane? > > Asking, since > danetool --check=lists.gentoo.org --proto tcp --starttls-proto=smtp > succeeds. (I have

Re: [exim] DANE(TA) doesn't work with self signed certificate

2018-09-07 Thread Viktor Dukhovni via Exim-users
> On Sep 7, 2018, at 1:19 PM, Jan Ingvoldstad via Exim-users > wrote: > > Additionally, Debian is, in the longer term, in a position to use a > different TLS library than GnuTLS. Debian has historically been ultra-conservative on the potential License compatibility issues between GPL (Exim)

Re: [exim] DANE(TA) doesn't work with self signed certificate

2018-09-07 Thread Andreas Metzler via Exim-users
On 2018-09-07 Viktor Dukhovni via Exim-users wrote: [...] > Until there's either a fix in GnuTLS (Nikos Mavrogiannopoulos can get in touch > with me if there are questions), or a work-around in Exim that disables DANE > for domains with DANE-TA(2) records when linked with GnuTLS (supporting only

Re: [exim] DANE(TA) doesn't work with self signed certificate

2018-09-07 Thread Jan Ingvoldstad via Exim-users
On Fri, Sep 7, 2018 at 5:50 PM Viktor Dukhovni via Exim-users < exim-users@exim.org> wrote: > > > Though Debian may not be in a possible to fix DANE-TA(2) support in > Exim+GnuTLS, > they may of course be able to bring it to the attention of the appropriate > GnuTLS developers. This is

Re: [exim] DANE(TA) doesn't work with self signed certificate

2018-09-07 Thread Viktor Dukhovni via Exim-users
> On Sep 7, 2018, at 3:33 AM, Jan Ingvoldstad via Exim-users > wrote: > > Please, if you have not already done so, file a bug report with Debian, > this is a pretty major bug. Until there's either a fix in GnuTLS (Nikos Mavrogiannopoulos can get in touch with me if there are questions), or

Re: [exim] DANE(TA) doesn't work with self signed certificate

2018-09-07 Thread Jan Ingvoldstad via Exim-users
On Wed, Sep 5, 2018 at 5:04 PM Klaus Ethgen via Exim-users < exim-users@exim.org> wrote: > Sure, it is the common debian version and Debian is always linking > against gnutls. > Please, if you have not already done so, file a bug report with Debian, this is a pretty major bug. -- Jan

Re: [exim] DANE(TA) doesn't work with self signed certificate

2018-09-05 Thread Viktor Dukhovni via Exim-users
On Wed, Sep 05, 2018 at 03:56:55PM +0100, Klaus Ethgen via Exim-users wrote: > > I suppose your Exim is also linked to GnuTLS? > > Sure, it is the common debian version and Debian is always linking > against gnutls. You can rebuild the source deb against OpenSSL:

Re: [exim] DANE(TA) doesn't work with self signed certificate

2018-09-05 Thread Klaus Ethgen via Exim-users
Hi Folks, On Wed, 5 Sep 2018 at 14:41, Michael Westerburg via Exim-users wrote: > On 09/05/2018 01:00 PM, exim-users-requ...@exim.org wrote: > > After I enabled (temporarily) the random CA they use, I got a > > successful delivery with the

Re: [exim] DANE(TA) doesn't work with self signed certificate

2018-09-05 Thread Michael Westerburg via Exim-users
Hello Klaus, On 09/05/2018 01:00 PM, exim-users-requ...@exim.org wrote: > After I enabled (temporarily) the random CA they use, I got a > successful delivery with the log file saying that it was validated via > DANE. thank you very much for sharing your observation. I suppose your Exim is

Re: [exim] DANE(TA) doesn't work with self signed certificate

2018-09-05 Thread Michael Westerburg via Exim-users
Hello Viktor, On 09/05/2018 01:00 PM, exim-users-requ...@exim.org wrote: > My advice to the user would be to use a version of Exim that > is linked with OpenSSL and NOT GnuTLS. The Exim DANE support > in combination with GnuTLS is not nearly as well tested or > supported. thank you very much