Poštni seznam arhiviranih sporo?il

Od:	"Peter Moylan" <ecs-isp@2rosenthals.com>	Glava Izvorno E-sporo?ilo
Zadeva:	Re: [eCS-ISP] Getting started with Let's Encrypt
Datum:	Sat, 7 Dec 2024 13:54:20 +1100
Za:	eCS ISP Mailing List <ecs-isp@2rosenthals.com>

On 07/12/24 06:48, Massimo S. wrote: i forgot to write that now i use LE also for popS (with stunnel) and finally i don't have anymore issues with each update of thunderbird that stop downloading any new mail if popS use self signed certificates Of course my current work on TLS is intended for more than just the web server. Once I'm satisfied that the new WebServe is working properly[1], my next project will be to add TLS capability to Weasel, so you might be able to stop using your current solution. [1] Although it is working right now, it still needs improvements. For example, it only supports three cipher suites (TLS_NULL_WITH_NULL_NULL, TLS_RSA_WITH_3DES_EDE_CBC_SHA,, TLS_RSA_WITH_AES_128_CBC_SHA), and I haven't yet implemented things that weren't needed for a typical TLS handshake. For example, I haven't allowed for re-using the encryption state from a previous session, because that doesn't do anything necessary, it only makes the reconnection faster. And I might have to alter the way I use certificates, after I see how Let's Encrypt works. If, for example, it uses the OpenSSL method of using a hash result as a file name, then that's a big problem. I have not been able to emulate OpenSSL's method of generating a hash function, despite trying all the permutations allowed in the specification of how OpenSSL does it. -- Peter Moylan peter@pmoylan.org http://www.pmoylan.org

Naro?iti: Poro?ilo (Feed), Izvle?ek (Digest), Indeks.
Odjava
E-pošta za mojstra za sezname