From: Reiner Steib <reinersteib+gmane@imap.cc>
To: Arnaud Ebalard <arno@natisbad.org>,
Daiki Ueno <ueno@unixuser.org>,
Simon Josefsson <simon@josefsson.org>
Cc: 499774@bugs.debian.org, RISKO Gergely <risko@debian.org>, ding@gnus.org
Subject: Re: Bug#499774: starttls is a joke
Date: Mon, 22 Sep 2008 18:15:28 +0200 [thread overview]
Message-ID: <87tzc8upgf.fsf@marauder.physik.uni-ulm.de> (raw)
In-Reply-To: <87od2g31hf.fsf@natisbad.org> (Arnaud Ebalard's message of "Mon, 22 Sep 2008 12:43:08 +0200")
[ Stripping some cc-ed lists because I only comment on the Gnus side
of the issue. Adding starttls.el authors. ]
On Mon, Sep 22 2008, Arnaud Ebalard wrote:
> RISKO Gergely <risko@debian.org> writes:
[...]
>> You surely knows about the gnus usage of this, since you CC'd the
>> mailing list, sorry.
>
> yes.
>
>> So my option is that a disclaimer should be placed, but SSL with
>> SSL_VERIFY_NONE is MUCH, MUCH, MUCH better than not using SSL at all.
>
> No, it is not. It is worse. It provides a feeling of security to the
> people that use it. It is like driving with deactivated airbags.
>
>> And the joke is SSL's security model - where you are considered secure
>> if you pay $500/year -, not starttls.
>
> 1) I use my own PKI for some of my services, which costs me nothing.
> 2) As a client, you do not pay for the server certificates (cf gmail)
> and trust anchors.
> 3) It is a lame excuse.
[...]
>> I'm against the removal, since it will break imaps/pop3s connections
>> from emacs based muas (I'm at least sure in gnus, I use it hourly).
>
> Then, someone should correct the code to support passing trust anchors,
> allow passing the verify value, and document capabilities and
> limitations.
Gnus currently uses starttls if starttls and gnutls-cli are available
for backward compatibility.
Would it make sense to prefer gnutls-cli and warn when using starttls
(if gnutls-cli is not installed)?
,----[ starttls.el ]
| ;;; Commentary:
|
| ;; This module defines some utility functions for STARTTLS profiles.
|
| ;; [RFC 2595] "Using TLS with IMAP, POP3 and ACAP"
| ;; by Chris Newman <chris.newman@innosoft.com> (1999/06)
|
| ;; This file now contains a combination of the two previous
| ;; implementations both called "starttls.el". The first one is Daiki
| ;; Ueno's starttls.el which uses his own "starttls" command line tool,
| ;; and the second one is Simon Josefsson's starttls.el which uses
| ;; "gnutls-cli" from GNUTLS.
| ;;
| ;; If "starttls" is available, it is prefered by the code over
| ;; "gnutls-cli", for backwards compatibility. Use
| ;; `starttls-use-gnutls' to toggle between implementations if you have
| ;; both tools installed. It is recommended to use GNUTLS, though, as
| ;; it performs more verification of the certificates.
`----
[...]
>> Thanks again for your contribution to Debian, if you write the
>> disclaimer in a few world that should be appended to the package
>> description in your opinion, it would be a big help.
>
> "This software does not have any authentication capabilities: it does
> not allow you to authenticate your peer, which is a basic requirement
> for TLS/SSL to be used securely. You should only use it for testing
> purposes and not relaying important information. Be aware that you are
> vulnerable to MITM when using it"
Bye, Reiner.
--
,,,
(o o)
---ooO-(_)-Ooo--- | PGP key available | http://rsteib.home.pages.de/
next prev parent reply other threads:[~2008-09-22 16:15 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-09-22 8:52 Arnaud Ebalard
2008-09-22 9:13 ` RISKO Gergely
2008-09-22 9:49 ` Arnaud Ebalard
2008-09-22 10:43 ` Arnaud Ebalard
2008-09-22 16:15 ` Reiner Steib [this message]
2008-09-22 16:38 ` Simon Josefsson
2008-09-22 17:48 ` Arnaud Ebalard
2008-10-02 10:04 ` Simon Josefsson
2008-10-07 20:43 ` Matthias Andree
2008-10-07 22:41 ` Simon Josefsson
2008-10-08 10:45 ` Matthias Andree
2008-10-08 11:55 ` Arnaud Ebalard
2008-10-07 20:41 ` Matthias Andree
2008-10-08 5:54 ` Arnaud Ebalard
2008-09-23 17:18 ` Riskó Gergely
2008-09-23 14:43 ` Uwe Brauer
2008-09-24 3:39 ` Sebastian Krause
2008-09-26 13:19 ` Uwe Brauer
2008-09-26 13:25 ` Sebastian Krause
2008-09-26 21:16 ` Uwe Brauer
2008-09-26 23:27 ` Sebastian Krause
2008-09-26 15:09 ` Magnus Henoch
2008-09-26 21:14 ` Uwe Brauer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87tzc8upgf.fsf@marauder.physik.uni-ulm.de \
--to=reinersteib+gmane@imap.cc \
--cc=499774@bugs.debian.org \
--cc=Reiner.Steib@gmx.de \
--cc=arno@natisbad.org \
--cc=ding@gnus.org \
--cc=risko@debian.org \
--cc=simon@josefsson.org \
--cc=ueno@unixuser.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).