thr3ads.net - dovecot - [Dovecot] Enforcing server cipher list order [Aug 2013]

If this information is useful, please help other people find it:
Share via:

Twitter
Facebook
Email

Phillip Odam

2013-Aug-28 23:51 UTC

[Dovecot] Enforcing server cipher list order

I noticed a similar/same discussion back on Aug 14th titled force 
ciphers order for clients. However from that thread I can't find quite 
what I'm after.

 From my testing of dovecot 2.1.6, by default it appears to honor the 
clients cipher list order for SSL/TLS connections.

I can't find any documentation on dovecot providing a setting like 
Apache HTTPDs to either honor the client or server cipher list i.e. 
SSLHonorCipherOrder.

Do newer versions (> 2.1.6) of dovecot either make this configurable or 
force honoring of the servers cipher list order? Or is the cipher 
selection a function that openssl performs? The version of openssl in 
use is 1.0.1e-fips.

Thanks
Phillip

Maybe Matching Threads

dovecot and PFS
Configuring TLS 1.2
IMAP and POP3 per SSL
Apache and SSLv3
[Bug 3603] New: ssh clients can't communicate with server with default cipher when fips is enabled at server end

Search for more apparently analagous threads

dovecot - Aug 2013 - Enforcing server cipher list order

[Dovecot] Enforcing server cipher list order

Maybe Matching Threads

Wisdom of the Ancients