> Now that OpenSSL 1.0.1 is in sid, mutt can now talk to my dovecot IMAP
> server using TLS 1.2 [0]. However, I was disappointed to discover that
> mutt (which does not have knobs for cipher suites) still uses
> DHE-RSA/AES-128-CBC/SHA1.

Hello,

libgnutls26 doesn't support elliptic curves or AES-GCM. These were added in gnutls 3.0.x, and are indeed used with higher priority if the host system supports the AESNI/PCLMUL instructions.

> Also, using ECC suites like ECDHE is faster and much more secure than
> using plain DH.

ECDH is faster than plain DH on the same security levels, but there is no evidence known to me suggesting it is more secure (it is the same algorithm under a different group).

> Finally, if HMAC is going to be used, a stronger hash algorithm than
> SHA-1 should be chosen. SHA-1 has demonstrable weaknesses that have not
> been determined to be present in SHA-256, SHA-384, or SHA-512.

I'm not aware of weaknesses in SHA-1 when used with the HMAC construction. The application you are using though should have provided a way for you to force alternative algorithms (e.g. via a gnutls priority string).

regards,
Nikos

-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
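A small checker, added here as an example and not part of the bug thread, mutt or gnutls: it parses OpenSSL-style suite names such as the DHE-RSA-AES128-SHA the reporter saw, reports which of the requested properties (forward secrecy, an AEAD cipher, a SHA-2 hash) a suite lacks, and can probe an IMAPS server to classify what is actually negotiated. It uses Python's standard ssl module (OpenSSL-backed) rather than gnutls, and the host/port arguments of negotiated_suite are assumptions.

```python
import socket
import ssl
from dataclasses import dataclass

# Tokens in an OpenSSL-style suite name that mark an AEAD cipher (no separate HMAC).
AEAD_TOKENS = {"GCM", "CCM", "CCM8", "CHACHA20", "POLY1305"}

@dataclass
class SuiteInfo:
    name: str
    kex: str       # "ECDHE", "DHE", "TLS1.3" (kex negotiated separately) or "static"
    aead: bool     # True for GCM/CCM/ChaCha20-Poly1305, False for CBC + HMAC
    hash_alg: str  # HMAC hash for CBC suites, PRF hash for AEAD suites

def classify(name: str) -> SuiteInfo:
    """Parse an OpenSSL/IANA-style suite name into the properties argued over above."""
    parts = name.replace("_", "-").split("-")
    if parts[0] == "TLS":                    # TLS 1.3 names: TLS_AES_256_GCM_SHA384
        return SuiteInfo(name, "TLS1.3", True, parts[-1])
    # Anything without an (EC)DHE prefix (e.g. static-RSA "AES128-SHA") has no forward secrecy.
    kex = parts[0] if parts[0] in ("ECDHE", "DHE") else "static"
    aead = any(p in AEAD_TOKENS for p in parts)
    last = parts[-1]
    if last == "SHA":                        # a bare "SHA" suffix means HMAC-SHA1
        hash_alg = "SHA1"
    elif last.startswith("SHA"):
        hash_alg = last
    else:                                    # e.g. ...-CHACHA20-POLY1305 uses the SHA256 PRF
        hash_alg = "SHA256" if aead else "other"
    return SuiteInfo(name, kex, aead, hash_alg)

def shortcomings(info: SuiteInfo) -> list:
    """List the properties the reporter wanted (PFS, AEAD, SHA-2) that this suite lacks."""
    notes = []
    if info.kex == "static":
        notes.append("no forward secrecy")
    if not info.aead:
        notes.append("CBC mode with a separate HMAC rather than an AEAD cipher")
    if info.hash_alg == "SHA1":
        notes.append("HMAC-SHA1 (no known HMAC break, but SHA-2 is preferred)")
    return notes

def negotiated_suite(host: str, port: int = 993) -> SuiteInfo:
    """Connect to an IMAPS server and classify the suite it actually picked (needs network)."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port)) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return classify(tls.cipher()[0])
```

Run `shortcomings(classify("DHE-RSA-AES128-SHA"))` to see the two complaints from the report reproduced, and `negotiated_suite("imap.example.invalid")` (a placeholder host) against your own server to see whether a newer gnutls or a priority string changed the outcome.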