ietf

Re: IETF mail server and SSLv3

2016-03-03 05:03:47


On 03/03/16 07:11, Viktor Dukhovni wrote:

The way I see it for opportunistic TLS in general, and Postfix specifically,
is that the sensible approach is to prune the deadwood once it is no longer
useful for interoperability except with a theoretical, but in practice
negligible to non-existent minority of peers.  That is, once removing obsolete
and weak crypto has no practical negative consequences, we should just do it.

This was something we debated during the processing of
RFC7435. I do think the OS approach is a fine thing, but
I'd be much more for ditching weak crypto than you.

DROWN, LOGJAM and other attacks demonstrate that keeping
weak crypto code around does have negative consequences,
and with DROWN those are pretty impressively negative.

Cheers,
S.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature
