From: Dave MacFarlane <driusan@driusan.net>
To: 9front@9front.org
Subject: Re: [9front] Re: "Insecure" icon in gmail
Date: Wed, 15 May 2024 22:06:52 -0400 [thread overview]
Message-ID: <3E9CD53E-3E5D-4798-8D24-3A42917AA750@driusan.net> (raw)
In-Reply-To: <ZkVf-SR5UY4LSuYI@alice>
On May 15, 2024 9:23:05 p.m. EDT, Anthony Martin <ality@pbrane.org> wrote:
>Dave MacFarlane <driusan@driusan.net> once said:
>> 2. Is there a better way to do this?
>
>Not currently. Note that webfs, ftpfs, aux/wpa, dns over tls, and
>probably others do not bother checking the validity of a server's
>certificate. This is not ideal. No one has done the work. Alas.
>
>> 3. Would it make sense to add a flag to use startls but not
>> validate certificates for upas/smtp?
>
>Perhaps. But it would still be "insecure" even if the Google borg
>doesn't show the super serious (see, it's even colored red) flag
>on your messages.
>
>Cheers,
> Anthony
>
I'm not sure I follow why it would be more insecure than the things you listed above.
Currently the options I can figure out with the flags to upas/smtp are:
1. Transmitted in plain text
2. Encrypted in transit, but you can only send email to known servers that you've pre-setup the thumbprint for before sending.
The security would be between the two.
next prev parent reply other threads:[~2024-05-16 2:08 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-05-15 21:21 [9front] " Dave MacFarlane
2024-05-15 21:28 ` Stanley Lieber
2024-05-16 1:23 ` [9front] " Anthony Martin
2024-05-16 1:39 ` Kurt H Maier
2024-05-16 2:06 ` Dave MacFarlane [this message]
2024-05-16 2:51 ` Anthony Martin
2024-05-16 10:27 ` [9front] " cinap_lenrek
2024-05-16 11:01 ` sirjofri
2024-05-18 18:45 ` ori
2024-05-18 20:12 ` hiro
2024-05-18 22:27 ` sirjofri
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3E9CD53E-3E5D-4798-8D24-3A42917AA750@driusan.net \
--to=driusan@driusan.net \
--cc=9front@9front.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).