Re: IETF mail server and SSLv3

On Thu, Mar 03, 2016 at 11:03:25AM +0000, Stephen Farrell wrote:

> > The way I see it for opportunistic TLS in general, and Postfix specifically,
> > is that the sensible approach is to prune the deadwood once it is no longer
> > useful for interoperability except with a theoretical, but in practice negligible
> > to non-existent minority of peers.  That is, once removing obsolete 
> > and weak crypto has no practical negative consequences, we should just do it.
> 
> This was something we debated during the processing of
> RFC7435. I do think the OS approach is a fine thing, but
> I'd be much more for ditching weak crypto than you.

We're not in significant disagreement.

I'm not advocating keeping weak crypto around, in fact the opposite.

Rather I'm advocating some attention to balancing interoperability
needs in the timing of the removal.  For opportunistic security,
breaking interoperability *in practice* (not just in theory) is to
be avoided in the early phase of deprecation when better alternatives
are not sufficiently widely deployed.  If or once better alternatives
are almost universally deployed, out it goes.

-- 
	Viktor.



