Re: [PATCH]: SSL options to disable SSLv2

• Previous message: Huu Da Tran: "Re: Can I force local delivery to Maildir from an aliases file?"
• Maybe in reply to: Christian von Roques: "[PATCH]: SSL options to disable SSLv2"
• Next in thread: Christian von Roques: "Re: [PATCH]: SSL options to disable SSLv2"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

On Thu, Sep 08, 2005 at 03:52:26PM -0400, Victor Duchovni wrote:
> On Thu, Sep 08, 2005 at 03:40:54PM -0400, Victor Duchovni wrote:
>
> > Here's my data (August 01 2005 - today), still in progress, but the
> > results for as much of August as has crunched through are:
> >
> > 600302 (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
> > 413991 (using TLSv1 with cipher EDH-RSA-DES-CBC3-SHA (168/168 bits))
> > 23675 (using TLSv1 with cipher RC4-SHA (128/128 bits))
> > 13283 (using SSLv3 with cipher DHE-RSA-AES256-SHA (256/256 bits))
> > 5704 (using TLSv1 with cipher AES256-SHA (256/256 bits))
> > 2261 (using SSLv3 with cipher RC4-MD5 (128/128 bits))
> > 1328 (using TLSv1 with cipher RC4-MD5 (128/128 bits))
> > 1231 (using SSLv3 with cipher RC4-SHA (128/128 bits))
> > 992 (using SSLv3 with cipher EDH-RSA-DES-CBC3-SHA (168/168 bits))
> > 922 (using TLSv1 with cipher DES-CBC3-SHA (168/168 bits))
> > 487 (using SSLv3 with cipher DES-CBC3-SHA (168/168 bits))
> >
> > Not a single v2 connection, but a good mixture of SSLv3 and TLSv1,
> > so perhaps instead of making the protocols configurable, we can simply
> > drop v2 support with Postfix 2.3.
>
> The final tally was:
>
> 880867 (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
> 585966 (using TLSv1 with cipher EDH-RSA-DES-CBC3-SHA (168/168 bits))
> 33714 (using TLSv1 with cipher RC4-SHA (128/128 bits))
> 19265 (using SSLv3 with cipher DHE-RSA-AES256-SHA (256/256 bits))
> 8281 (using TLSv1 with cipher AES256-SHA (256/256 bits))
> 3290 (using SSLv3 with cipher RC4-MD5 (128/128 bits))
> 2501 (using TLSv1 with cipher RC4-MD5 (128/128 bits))
> 1684 (using SSLv3 with cipher RC4-SHA (128/128 bits))
> 1426 (using TLSv1 with cipher DES-CBC3-SHA (168/168 bits))
> 1317 (using SSLv3 with cipher EDH-RSA-DES-CBC3-SHA (168/168 bits))
> 511 (using SSLv3 with cipher DES-CBC3-SHA (168/168 bits))
>
> --
> Viktor.
>
> Disclaimer: off-list followups get on-list replies or get ignored.
> Please do not ignore the "Reply-To" header.
>
> To unsubscribe from the postfix-users list, visit
> http://www.postfix.org/lists.html or click the link below:
> <mailto:?body=unsubscribe%20postfix-users>
>
> If my response solves your problem, the best way to thank me is to not
> send an "it worked, thanks" follow-up. If you must respond, please put
> "It worked, thanks" in the "Subject" so I can delete these quickly.
>
> !DSPAM:43209640198463335510714!
>

My tally is:
150188 TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
38037 TLSv1 with cipher EDH-RSA-DES-CBC3-SHA (168/168 bits)
4027 SSLv3 with cipher DHE-RSA-AES256-SHA (256/256 bits)
 691 TLSv1 with cipher RC4-SHA (128/128 bits)
 483 TLSv1 with cipher AES256-SHA (256/256 bits)
 372 TLSv1 with cipher RC4-MD5 (128/128 bits)
 309 SSLv3 with cipher EDH-RSA-DES-CBC3-SHA (168/168 bits)
 108 TLSv1 with cipher DES-CBC3-SHA (168/168 bits)
  89 SSLv3 with cipher DES-CBC3-SHA (168/168 bits)
  10 SSLv3 with cipher RC4-MD5 (128/128 bits)
   5 SSLv3 with cipher RC4-SHA (128/128 bits)
   1 SSLv2 with cipher DES-CBC3-MD5 (168/168 bits)

- David

• Previous message: Huu Da Tran: "Re: Can I force local delivery to Maildir from an aliases file?"
• Maybe in reply to: Christian von Roques: "[PATCH]: SSL options to disable SSLv2"
• Next in thread: Christian von Roques: "Re: [PATCH]: SSL options to disable SSLv2"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]