Logjam is a bug that existed since the 1990s. It would allow an attacker sitting between a user and a vulnerable server to lower the TLS encryption so that it can be cracked. The bug affects all servers that support DHE_EXPORT ciphers for encrypting their traffic. The Tutanota servers never supported DHE_EXPORT and, thus, were never affected by Logjam.
As a precaution we have configured the Tutanota servers so that they do not support any DHE cipher suites at all. Thus, we even protect your unencrypted emails with secure transport encryption.
No comments available