Re: IETF mail server and SSLv3

2016-03-03 01:12:14

On Mar 3, 2016, at 1:33 AM, Randy Bush <randy(_at_)psg(_dot_)com> wrote:

> i expect that, at least for the rest of my career, there will always be
> stronger and weaker crypto.  and we will repeatedly go through the pain
> of purging the [then] weak, with folk screaming about compatibility with
> doors 2005.

The way I see it for opportunistic TLS in general, and Postfix specifically,
is that the sensible approach is to prune the deadwood once it is no longer
useful for interoperability except with a theoretical, but in practice
negligible to non-existent minority of peers.  That is, once removing obsolete
and weak crypto has no practical negative consequences, we should just do it.

What makes this possible is widespread adoption of better alternatives, at
which point algorithm agility (often derided in some circles) makes it
possible to move on.

At this point SSLv2, SSLv3, EXPORT ciphers and single DES are disabled in
Postfix by default.  It is sensible for ietf.org to apply similar settings.

-- 
        Viktor.
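As an added illustration that is not part of the message above or of Postfix's own documentation, here is a main.cf fragment contrasting settings that still admit the legacy protocols and cipher grades with settings that remove them; the parameter names are real Postfix TLS parameters, while the particular values are chosen for this example.

```ini
# --- Weak (legacy-tolerant) settings: illustration only, do not use ---
# An empty protocol list means "all protocols", including SSLv2 and SSLv3.
smtpd_tls_security_level = may
smtpd_tls_protocols =
# The "export" grade admits EXPORT-strength ciphers and single DES.
smtpd_tls_ciphers = export

# --- Corrected settings: exclude SSLv2/SSLv3, EXPORT ciphers and single DES ---
# Opportunistic TLS in both directions (server side and client side).
smtpd_tls_security_level = may
smtp_tls_security_level = may
# Protocols for opportunistic sessions: everything except SSLv2 and SSLv3.
smtpd_tls_protocols = !SSLv2, !SSLv3
smtp_tls_protocols = !SSLv2, !SSLv3
# Same exclusion for mandatory-TLS sessions (security levels encrypt/verify).
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
smtp_tls_mandatory_protocols = !SSLv2, !SSLv3
# "medium" grade already omits EXPORT and LOW ciphers; the explicit exclude
# lists make the intent visible.  OpenSSL's "DES" alias is single DES only,
# triple DES is a separate alias and is not excluded here.
smtpd_tls_ciphers = medium
smtp_tls_ciphers = medium
smtpd_tls_exclude_ciphers = EXPORT, LOW, DES
smtp_tls_exclude_ciphers = EXPORT, LOW, DES
```

After editing, `postconf smtpd_tls_protocols smtpd_tls_exclude_ciphers` shows the effective values, and `postfix reload` applies them.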
