[Ach] pegasus mail vs. prefer_server_ciphers

Wolfgang Breyha wolfgang.breyha at univie.ac.at
Wed Nov 20 01:16:28 CET 2013

On 2013-11-19 17:51, Adi Kriegisch wrote:
> No, but you're not alone: http://community.pmail.com/forums/38947/ShowThread.aspx

Yes, I saw that thread and some others talking about pegasus failing at
Verizon and Fastmail. But they didn't talk about a plausible reason.

> Some guy there states that Pegasus Mail will switch from cryptlib to
> openssl any time real soon now(tm).

Yep, found that at http://www.pmail.com/devnews.htm
Public beta is announced for Q1 2014.
But thanks, cryptolib it is;-) Didn't find that yet.

> Obviously you found some interoperability issue between cryptlib and
> openssl. This guy also did: http://rant.gulbrandsen.priv.no/aox/cryptlib
> Do you have some kind of support contract? Could you ask the technical
> staff on how/when the think they'll be able to fix that?

No, I'm not using Pegasus. Only surprisingly many employees still do;-) I'm
waiting for reports for Eudora now:D

I removed the three ciphers from the list for now since my logs tell me
that this doesn't hurt at all. DHE-AES128 is not used at all and clients
using DHE-AES256 will most likely switch to the next in line which is
DHE-CAMELLIA256 (mostly RHEL6).

Thanks for your help anyway!

Wolfgang Breyha <wolfgang.breyha at univie.ac.at> | http://www.blafasel.at/
Vienna University Computer Center              | Austria

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 263 bytes
Desc: OpenPGP digital signature
URL: <http://lists.cert.at/pipermail/ach/attachments/20131120/5242bd70/attachment.sig>

More information about the Ach mailing list