
List:       exim-users
Subject:    [exim] Possible TLS weakness in Exim? (to be noticed with Opera and
From:       "Ralf G. R. Bergs " <ralf+exim () bergs ! biz>
Date:       2006-11-28 14:45:01
Message-ID: 456C4B6D.2050605 () bergs ! biz

Hi there,

I recently noticed the following problem:

<quote>
I'm running a (Debian stable) server of my own with a free cert from
cacert.org.

I've imported the root CA to Opera, and https is fine -- no warnings
whatsoever. I'm also running an IMAP server (Courier) with TLS, no
problems here either.

BUT there is a problem with SMTP using Exim 4.50. Opera keeps
complaining that my server was using a short public key which is unsafe.
Why is this??? I'm using 4096 bit RSA.

[...]

If I force Opera to accept the certificate anyway (I can't "install" it
by any means, but have to click "accept" each time I try to send a
message), Opera is able to connect to the mail server. Exim logs
"TLS-1.0:RSA_AES_256_CBC_SHA:32" as the crypto suite used.
</quote>

I posted about this problem in the Opera forum (see
http://my.opera.com/community/forums/topic.dml?id=167205), and received
the following reply from one of the Opera developers:

<quote>
The server selected an encryption method that uses RSA combined with
Ephemeral (dynamic) Diffie-Hellman (DHE), a method which uses short-lived
(temporary) Diffie-Hellman keys authenticated by a signature from the
RSA key.

I have seen a couple of servers that use a default DHE length of 512
bit or less (I once saw one sending a 256(!) bit key). Such keylengths
(<900 bits) are far too short to provide any significant security.

I suggest that you check the DHE key-generation configuration of the
SMTP server.

IMO the length of that key should match the keylength of the
certificate, but to get level 3 encryption it must be at least 1024 bits
long.
</quote>

The binary has been built by the Debian guys with GnuTLS support.

Unfortunately I'm not deep enough into crypto programming to have a look
at the source myself, but what the Opera developer wrote sounds
reasonable to me.

Can anyone comment on this?

Thanks,

Ralf

-- 
## List details at http://www.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://www.exim.org/eximwiki/
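
Added example, not part of the original message and not Exim, GnuTLS or Opera code: a parser for the DHE ServerKeyExchange handshake message that reports the bit length of the Diffie-Hellman prime the server sent and flags it against the 1024-bit minimum quoted in the reply above. The function names and the sample messages are assumptions constructed for illustration; the RSA signature over the parameters is skipped, not verified.

```python
import struct

MIN_DH_BITS = 1024  # minimum quoted in the Opera developer's reply

def _read_vec16(buf, off):
    """Read a TLS opaque<1..2^16-1> vector: 2-byte big-endian length, then data."""
    if off + 2 > len(buf):
        raise ValueError("truncated length field")
    (n,) = struct.unpack_from("!H", buf, off)
    off += 2
    if n == 0 or off + n > len(buf):
        raise ValueError("bad vector length")
    return buf[off:off + n], off + n

def dh_param_bits(handshake_msg):
    """Return (p_bits, g, ys_bits) from a DHE ServerKeyExchange handshake message."""
    if len(handshake_msg) < 4 or handshake_msg[0] != 12:  # 12 = server_key_exchange
        raise ValueError("not a ServerKeyExchange handshake message")
    body_len = int.from_bytes(handshake_msg[1:4], "big")
    body = handshake_msg[4:4 + body_len]
    if len(body) != body_len:
        raise ValueError("truncated handshake body")
    p, off = _read_vec16(body, 0)     # dh_p: the prime modulus
    g, off = _read_vec16(body, off)   # dh_g: the generator
    ys, off = _read_vec16(body, off)  # dh_Ys: server's ephemeral public value
    # Bytes after dh_Ys are the signature from the RSA key; not checked here.
    return (int.from_bytes(p, "big").bit_length(),
            int.from_bytes(g, "big"),
            int.from_bytes(ys, "big").bit_length())

def is_weak(handshake_msg, min_bits=MIN_DH_BITS):
    """True when the ephemeral DH prime is shorter than min_bits."""
    return dh_param_bits(handshake_msg)[0] < min_bits

def build_sample(p_len_bytes):
    """Constructed message: p is all 0xFF bytes (a size stand-in, not a real prime)."""
    p = b"\xff" * p_len_bytes
    g = b"\x02"
    ys = b"\x01" + b"\x00" * (p_len_bytes - 1)
    body = b"".join(struct.pack("!H", len(v)) + v for v in (p, g, ys))
    body += struct.pack("!H", 4) + b"\x00" * 4  # placeholder signature bytes
    return bytes([12]) + len(body).to_bytes(3, "big") + body

if __name__ == "__main__":
    for size in (64, 128, 256):  # 512-, 1024- and 2048-bit constructed primes
        msg = build_sample(size)
        print(dh_param_bits(msg), "WEAK" if is_weak(msg) else "ok")
```

The certificate key size (4096-bit RSA here) never enters this check, which is why a server with a strong certificate can still be flagged for its ephemeral DH parameters.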