From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: <9front-bounces@9front.inri.net> X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-0.6 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI autolearn=ham autolearn_force=no version=3.4.4 Received: from 9front.inri.net (9front.inri.net [168.235.81.73]) by inbox.vuxu.org (Postfix) with ESMTP id 4CD7B25079 for ; Thu, 16 May 2024 04:08:21 +0200 (CEST) Received: from auth.driusan.net ([207.148.18.58]) by 9front; Wed May 15 22:06:55 -0400 2024 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=driusan.net; h=date:from:to:subject:message-id:; s=20180128; bh=/Cc/z5NL21IyXTFtKloeKkCdEECUC9VYHS6n54walFY=; b=JCPSqlTv0MPidr/59sLGlRR5iQMkBRZAkgGOhYBjna0cKwmqUBlMwVY34beq4sSWgG/rfCvGUzdr/+VUh0440izucvfBKdM/QmaJlMyPiVIsG6qT00iuOPQS6CfwuLZr/HejSA0f8iwHbjMMUWHtoIi2nfJlOMsoOboVyvXZiDzS36q5G5pn9n74tA27uqyJ/UOxGue13zHtgCy73QOcTIX6DpJzSpZ/g7IEnzZCn05ZqY4I5uAB9iUvUTyYwB9nXOXxr0rJFT9XJBaYx7ZlV4LO0poIJ6QHZMb+Mp3eLPdpFATzGTidyTz8bW5Ox7hA2mkOiQnRO+lgZnxuSXJXGQ== Received: from [127.0.0.1] ([184.161.79.109]) by auth; Wed May 15 22:06:54 -0400 2024 Date: Wed, 15 May 2024 22:06:52 -0400 From: Dave MacFarlane To: 9front@9front.org User-Agent: K-9 Mail for Android In-Reply-To: References: <4C1B6B746BF77B2F88319BBFCBFEB08C@driusan.net> Message-ID: <3E9CD53E-3E5D-4798-8D24-3A42917AA750@driusan.net> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Autocrypt: addr=driusan@driusan.net; prefer-encrypt=mutual; keydata= mDMEZkVa8BYJKwYBBAHaRw8BAQdAHsCkXeCK6z/+2vpRioaY38eg2RCOhxQhqEDeykbgVPu0JURh dmUgTWFjRmFybGFuZSA8ZHJpdXNhbkBkcml1c2FuLm5ldD6IcgQTFggAGgQLCQgHAhUIAhYBAhkB BYJmRVrwAp4BApsDAAoJEO/ghoP8LmLATIAA/30Q8HZbjr+WnF9IhHpKXA8Vdd3RCGqu5eR5ze3z ywiaAP9ME2rGIVv44dPIuwrQZfoMKMfRM32S3mHGpWnbEG/mDrg4BGZFWvASCisGAQQBl1UBBQEB B0A5XRaB/G7Nxox6q9Q9FetnGHUvPn92ZmxOD3CFNovBTgMBCAeIYQQYFggACQWCZkVa8AKbDAAK CRDv4IaD/C5iwKdYAQCnvTyIqwjbSxT8lqhrs/zi2E/8sR4B0TIRyCQYZPepdAD/ceby7zeC7LJg GHXJMy3ZS5nUflSHleu616T/aKijxAw= List-ID: <9front.9front.org> List-Help: X-Glyph: ➈ X-Bullshit: persistence-based singleton replication realtime-java interface interface Subject: Re: [9front] Re: "Insecure" icon in gmail Reply-To: 9front@9front.org Precedence: bulk On May 15, 2024 9:23:05=E2=80=AFp=2Em=2E EDT, Anthony Martin wrote: >Dave MacFarlane once said: >> 2=2E Is there a better way to do this? > >Not currently=2E Note that webfs, ftpfs, aux/wpa, dns over tls, and >probably others do not bother checking the validity of a server's >certificate=2E This is not ideal=2E No one has done the work=2E Alas=2E > >> 3=2E Would it make sense to add a flag to use startls but not >> validate certificates for upas/smtp? > >Perhaps=2E But it would still be "insecure" even if the Google borg >doesn't show the super serious (see, it's even colored red) flag >on your messages=2E > >Cheers, > Anthony > I'm not sure I follow why it would be more insecure than the things you li= sted above=2E=20 Currently the options I can figure out with the flags to upas/smtp are:=20 1=2E Transmitted in plain text 2=2E Encrypted in transit, but you can only send email to known servers th= at you've pre-setup the thumbprint for before sending=2E The security would be between the two=2E