[Date Prev][Date Next] [Chronological] [Thread] [Top]

documentation for security ssf-settings

Is there any more comprehensive documentation for the security strength 
factors in the security statement than the man-page entry?

"The minssf=<factor> property specifies the minimum acceptable security 
strength factor as an integer approximate to effective key length used for 
encryption.   0  (zero) implies no protection, 1 implies integrity protection 
only, 56 allows DES or other weak ciphers, 112 allows triple DES and other 
strong ciphers, 128 allows RC4, Blowfish and other modern strong ciphers.  
The default is 0."

I am espacially interested which consequences the different ssf-settings 
exactly have. What is really checked if I set for example
security transport=x sasl=y tls=z ??

Additionally I'd like to know if it is possible to set special 
security-settings for localhost-connections as they are always secure and 
won't need encryption.