[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[Freedombox-discuss] CAs and cipher suites for cautious servers like FreedomBox

On Thu, Sep 12, 2013 at 04:44:31PM +0100, Keith wrote:
> With a CA on each freedombox there need not be a requirement for a
> server.
> 
> If my understanding of Tor is right, it is designed for anonymity, not
> encryption, should not need a CA for this.

Can you get PFS with snakeoil (I presume these are generated during
the installation, is there at all enough entropy at that time so
this is safe?) certs?

Postfix and dovecot in newer versions can do PFS:
http://www.heinlein-support.de/blog/security/perfect-forward-secrecy-pfs-fur-postfix-und-dovecot/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20130913/a7efa6c7/attachment.sig>
Reply to: