2014-01-05 12:49:34 UTC
I've been looking at the current state of TLS support in postfix.
I notice that the documentation on the website says it will
support DANE in the 2.11 version.
DANE will make it possible for us to have mandatory encryption, so
I would like to see that we can get the best out of that.
So one thing I've noticed is that you currently only have settings
for dh512 and dh1024. I would really like to see an option to
have at least 2048 and maybe even 4096 bit DH parameters.
As far as I know you can set anything in the dh512 and dh1024
file, but the documentation doesn't make that clear.
So I've been looking at which ciphers are currently selected. The
documentation (TLS_README) says that log level 0 should log
"summary message on TLS handshake completion" with 2.9. I don't
see any such messages. If I change it to 1, I do get messages as:
Anonymous TLS connection established from [...]: TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)
With smtpd_tls_received_header = yes you also see this in the
(using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits))
It would be nice that it could also say something about the (EC)DH
parameters, and maybe about the other side's certificate.
The documenation about dane says:
| When TLSA records are not found or are all unusable the effective
| security level is "may" or "encrypt" respectively.
So does that mean:
- No TLSA records: may
- TLSA present but unusable: encrypt
- TLSA present and usable: fingerprint for type 3 (and 1), or nexthop, hostname for type 2.
unusable would be a certificate contraint type is 0.
I assume that the "trust-anchor (TA)" is type 2, and end-entity
(EE) is type 3.
(I think it's all documented somewhere, but some parts are
repeated and not exactly the same, and so it's a bit spread