https://bugs.exim.org/show_bug.cgi?id=2872
Bug ID: 2872
Summary: Unable to select ONLY TLSv1.3 CHACHA20-POLY1305 cipher
Product: Exim
Version: 4.96
Hardware: x86
OS: Linux
Status: NEW
Severity: bug
Priority: medium
Component: TLS
Assignee: jgh146exb@wizmail.org
Reporter: s.egbert@sbcglobal.net
CC: exim-dev@exim.org
Unable to choose only CHACHA20-POLY1305 cipher using this exim4.conf setting:
tls_require_ciphers = CHACHA20-POLY1305
This documentation (in
https://www.exim.org/exim-html-current/doc/html/spec_html/ch-encrypted_smtp_connections_using_tlsssl.html#SECTreqciphgnu
)states:
For TLS version 1.3 the control available is less fine-grained and Exim does
not provide access to it at present. The value of the tls_require_ciphers
option is ignored when TLS version 1.3 is negotiated.
As of writing the library default cipher suite list for TLSv1.3 is
TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256
I searched for all TLS-related bugs and none describes this one.
--
You are receiving this mail because:
You are on the CC list for the bug.
--
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
Bug ID: 2872
Summary: Unable to select ONLY TLSv1.3 CHACHA20-POLY1305 cipher
Product: Exim
Version: 4.96
Hardware: x86
OS: Linux
Status: NEW
Severity: bug
Priority: medium
Component: TLS
Assignee: jgh146exb@wizmail.org
Reporter: s.egbert@sbcglobal.net
CC: exim-dev@exim.org
Unable to choose only CHACHA20-POLY1305 cipher using this exim4.conf setting:
tls_require_ciphers = CHACHA20-POLY1305
This documentation (in
https://www.exim.org/exim-html-current/doc/html/spec_html/ch-encrypted_smtp_connections_using_tlsssl.html#SECTreqciphgnu
)states:
For TLS version 1.3 the control available is less fine-grained and Exim does
not provide access to it at present. The value of the tls_require_ciphers
option is ignored when TLS version 1.3 is negotiated.
As of writing the library default cipher suite list for TLSv1.3 is
TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256
I searched for all TLS-related bugs and none describes this one.
--
You are receiving this mail because:
You are on the CC list for the bug.
--
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##