From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.io/gmane.emacs.gnus.general/67545 Path: news.gmane.org!not-for-mail From: arno@natisbad.org (Arnaud Ebalard) Newsgroups: gmane.emacs.gnus.general Subject: Re: Bug#499774: starttls is a joke Date: Wed, 08 Oct 2008 07:54:53 +0200 Message-ID: <878wszskb6.fsf@natisbad.org> References: <871vzca7gp.fsf@natisbad.org> <87y71kpmq7.fsf@bubble.risko.hu> <87od2g31hf.fsf@natisbad.org> <87tzc8upgf.fsf@marauder.physik.uni-ulm.de> NNTP-Posting-Host: lo.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Trace: ger.gmane.org 1223445528 32210 80.91.229.12 (8 Oct 2008 05:58:48 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Wed, 8 Oct 2008 05:58:48 +0000 (UTC) Cc: Daiki Ueno , Simon Josefsson , 499774@bugs.debian.org, RISKO Gergely , ding@gnus.org To: Matthias Andree Original-X-From: ding-owner+M15996@lists.math.uh.edu Wed Oct 08 07:59:44 2008 Return-path: Envelope-to: ding-account@gmane.org Original-Received: from util0.math.uh.edu ([129.7.128.18]) by lo.gmane.org with esmtp (Exim 4.50) id 1KnS54-0001VU-Mj for ding-account@gmane.org; Wed, 08 Oct 2008 07:59:31 +0200 Original-Received: from localhost ([127.0.0.1] helo=lists.math.uh.edu) by util0.math.uh.edu with smtp (Exim 4.63) (envelope-from ) id 1KnS38-0001Cp-O7; Wed, 08 Oct 2008 00:57:30 -0500 Original-Received: from mx1.math.uh.edu ([129.7.128.32]) by util0.math.uh.edu with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63) (envelope-from ) id 1KnS31-0001CU-Si for ding@lists.math.uh.edu; Wed, 08 Oct 2008 00:57:24 -0500 Original-Received: from quimby.gnus.org ([80.91.231.51]) by mx1.math.uh.edu with esmtp (Exim 4.69) (envelope-from ) id 1KnS2y-00007W-97 for ding@lists.math.uh.edu; Wed, 08 Oct 2008 00:57:23 -0500 Original-Received: from moog.chdir.org ([88.191.42.160]) by quimby.gnus.org with esmtp (Exim 3.36 #1 (Debian)) id 1KnS31-0008E4-00 for ; Wed, 08 Oct 2008 07:57:23 +0200 Original-Received: from [2001:7a8:78df:2:20d:93ff:fe55:8f78] (helo=localhost.localdomain) by moog.chdir.org with esmtpsa (TLS-1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.63) (envelope-from ) id 1KnS2J-0000yP-R9; Wed, 08 Oct 2008 07:56:40 +0200 X-PGP-Key-URL: http://natisbad.org/arno@natisbad.org.asc X-Fingerprint: 47EB 85FE B99A AB85 FD09 46F3 0255 957C 047A 5026 X-Hashcash: 1:20:081008:matthias.andree@gmx.de::xM7kCyIXH4W4Er2Y:0000000000000000000000000000000000000000HNH X-Hashcash: 1:20:081008:ding@gnus.org::pJI2sq7/MqBJB7XK:00000gt1 X-Hashcash: 1:20:081008:499774@bugs.debian.org::mwX6S/7DsmhJwwF/:0000000000000000000000000000000000000003ECW X-Hashcash: 1:20:081008:ueno@unixuser.org::CSByXcnuKdvtNhNj:000000000000000000000000000000000000000000003LFn X-Hashcash: 1:20:081008:risko@debian.org::sur/tpOz6w93++8o:05Q+L X-Hashcash: 1:20:081008:simon@josefsson.org::wwysbEKwCF9yUAaf:0000000000000000000000000000000000000000006XlR In-Reply-To: (Matthias Andree's message of "Tue, 07 Oct 2008 22:41:25 +0200") User-Agent: Gnus/5.110009 (No Gnus v0.9) Emacs/22.2 (gnu/linux) X-Spam-Score: -2.6 (--) List-ID: Precedence: bulk Xref: news.gmane.org gmane.emacs.gnus.general:67545 Archived-At: Hi, Matthias Andree writes: > Reiner Steib writes: > >>> Then, someone should correct the code to support passing trust anchors, >>> allow passing the verify value, and document capabilities and >>> limitations. >> >> Gnus currently uses starttls if starttls and gnutls-cli are available >> for backward compatibility. >> >> Would it make sense to prefer gnutls-cli and warn when using starttls >> (if gnutls-cli is not installed)? > > It would make sense to fix the tools first, and stop using them in > unsafe ways. > > I recently found on Cygwin, when setting up Emacs+Gnus, that gnutls-cli > (2.4.2 IIRC) has some subtle "accept b0rked cert chain" behaviour: it > would happily accept any garbage^Wuntrusted certificate chain without > notice -- when I'm not using "--x509cafile FOO" on the command line. > This isn't documented anywhere (manual, manpage, --help), I found this > out through systematic testing. > > I find this most disturbing, since if I don't provide a set of trusted > X.509 CA certs, I trust nobody (rather than everybody as gnutls-cli > does)... gnutls-cli should bail out if it has no trusted root > certificates, rather than silently trust everyone. Go figure - there's a > difference between giving "--x509cafile /dev/null" and not giving this > option at all. :-( Maybe I missed the point in Simon's response below because if you are correct (I just don't have gnutls-cli on my laptop to test) that deserves a bug report (and a clarification from Simon): http://article.gmane.org/gmane.linux.debian.devel.bugs.general/493201 > While I'm at it, from the end user's perspective, I find it very hard to > figure what options I need for a proper configuration that doesn't use > b0rked protocols such as SSLv2, that uses proper X.509 certificate > validation to detect MITM attacks. Few applications except Firefox 3 get > that right, and I couldn't tell one off-hand. > > I think that EVERY tool that has a remotely security-related context > should default to bulletproof mode and require that the user relaxes > every test explicitly. > > Yes, I need to do homework here, fetchmail doesn't get this right > either... compatibility and all that. > > So I'd say make Gnus default to gnutls-cli and change the sample > configuration to include --x509cafile and add instructions to the > defcustom blah self-documentation telling the user to cat(1) his trusted > ROOT certificates (in PEM format) together to form this file. +1 (a big one). Cheers, a+