On 06/27/2014 03:15 PM, [email protected] wrote: > > Hello, > > with the new Chipermail one can set the ciphers used by S/MIME for > signing and encryption in the GUI settings. This lead to the question if > there are any real life experience how many clients are still not > supporting rfc5751 from 2010 and will therefore not be able to > verify/decrypt mail signed with sha-256 or crypted with AES? > > Windows up from XP-SP3 and Outlook 2003 are ok, latest Thunderbird also > no Problem. We are especially interested in feedback about other Gateway > Products and Mobile Clients.
I would think that most applications nowadays support SHA256 and AES 128. However, Windows XP does not support AES in Outlook even with SP3. At least according to this article: http://support.microsoft.com/kb/2710636 Now since Windows XP is EOL, I personally would suggest to set the default to AES128 and SHA256. If a client complains, you can override the settings (i.e., switch back to 3DES) for this particular client. Unfortunately I do not have any details of support for other gateways. The only feedback I have had in the past of failed decryption and/or validation is certificates was on Outlook with XP. Kind regards, Martijn -- CipherMail email encryption Open source email encryption gateway with support for S/MIME, OpenPGP and PDF encryption. www.ciphermail.com _______________________________________________ Users mailing list [email protected] https://lists.djigzo.com/lists/listinfo/users
