From: Reiner Steib
Newsgroups: gmane.emacs.gnus.general
Subject: Re: Bug#499774: starttls is a joke
Date: Mon, 22 Sep 2008 18:15:28 +0200
Message-ID: <87tzc8upgf.fsf@marauder.physik.uni-ulm.de>
References: <871vzca7gp.fsf@natisbad.org> <87y71kpmq7.fsf@bubble.risko.hu> <87od2g31hf.fsf@natisbad.org>
To: Arnaud Ebalard, Daiki Ueno, Simon Josefsson
Cc: 499774@bugs.debian.org, RISKO Gergely, ding@gnus.org
In-Reply-To: <87od2g31hf.fsf@natisbad.org> (Arnaud Ebalard's message of "Mon, 22 Sep 2008 12:43:08 +0200")
User-Agent: Gnus/5.110011 (No Gnus v0.11) Emacs/22.1 (gnu/linux)

[ Stripping some cc-ed lists because I only comment on the Gnus side of
  the issue.  Adding starttls.el authors. ]

On Mon, Sep 22 2008, Arnaud Ebalard wrote:

> RISKO Gergely writes:
[...]
>> You surely know about the gnus usage of this, since you CC'd the
>> mailing list, sorry.
>
> yes.
>
>> So my opinion is that a disclaimer should be placed, but SSL with
>> SSL_VERIFY_NONE is MUCH, MUCH, MUCH better than not using SSL at all.
>
> No, it is not. It is worse. It provides a feeling of security to the
> people that use it. It is like driving with deactivated airbags.
>
>> And the joke is SSL's security model - where you are considered secure
>> if you pay $500/year -, not starttls.
>
> 1) I use my own PKI for some of my services, which costs me nothing.
> 2) As a client, you do not pay for the server certificates (cf gmail)
>    and trust anchors.
> 3) It is a lame excuse.
[...]
>> I'm against the removal, since it will break imaps/pop3s connections
>> from emacs based muas (I'm at least sure in gnus, I use it hourly).
>
> Then, someone should correct the code to support passing trust anchors,
> allow passing the verify value, and document capabilities and
> limitations.

Gnus currently uses starttls if starttls and gnutls-cli are available,
for backward compatibility.  Would it make sense to prefer gnutls-cli
and warn when using starttls (if gnutls-cli is not installed)?

,----[ starttls.el ]
| ;;; Commentary:
|
| ;; This module defines some utility functions for STARTTLS profiles.
|
| ;; [RFC 2595] "Using TLS with IMAP, POP3 and ACAP"
| ;; by Chris Newman (1999/06)
|
| ;; This file now contains a combination of the two previous
| ;; implementations both called "starttls.el".  The first one is Daiki
| ;; Ueno's starttls.el which uses his own "starttls" command line tool,
| ;; and the second one is Simon Josefsson's starttls.el which uses
| ;; "gnutls-cli" from GNUTLS.
| ;;
| ;; If "starttls" is available, it is preferred by the code over
| ;; "gnutls-cli", for backwards compatibility.  Use
| ;; `starttls-use-gnutls' to toggle between implementations if you have
| ;; both tools installed.  It is recommended to use GNUTLS, though, as
| ;; it performs more verification of the certificates.
`----

[...]
>> Thanks again for your contribution to Debian, if you write the
>> disclaimer in a few words that should be appended to the package
>> description in your opinion, it would be a big help.
>
> "This software does not have any authentication capabilities: it does
> not allow you to authenticate your peer, which is a basic requirement
> for TLS/SSL to be used securely. You should only use it for testing
> purposes and not relaying important information. Be aware that you are
> vulnerable to MITM when using it"

Bye, Reiner.

--
      ,,,
     (o o)
---ooO-(_)-Ooo---  |  PGP key available  |  http://rsteib.home.pages.de/
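The policy Reiner asks about, written out as an added Emacs Lisp example that is not part of the message or of starttls.el: prefer gnutls-cli with an explicit trust anchor, and warn when the connection falls back to the "starttls" tool, which does not authenticate the peer. Only `starttls-use-gnutls' appears in the quoted commentary; `starttls-gnutls-program' and `starttls-extra-arguments' are assumed to be the defcustoms starttls.el uses for the gnutls-cli binary and its extra arguments, and the CA bundle path is a placeholder for your distribution's file.

```elisp
;; Added example, not from the message or from starttls.el.
;; Assumptions: `starttls-gnutls-program' names the gnutls-cli binary and
;; `starttls-extra-arguments' holds extra arguments passed to it (check
;; your starttls.el); the CA bundle path below is a placeholder.
(require 'starttls)

(defvar my-starttls-ca-file "/etc/ssl/certs/ca-certificates.crt"
  "PEM bundle of trust anchors handed to gnutls-cli (placeholder path).")

(defun my-starttls-prefer-gnutls ()
  "Use gnutls-cli with a trust anchor when it is installed.
Fall back to `starttls' only when gnutls-cli is missing, and say so."
  (cond
   ;; Best case: gnutls-cli present and a readable CA bundle to check
   ;; the server chain against (--x509cafile).  Without a trust anchor
   ;; the session is encrypted but the peer is not authenticated.
   ((and (executable-find starttls-gnutls-program)
         (file-readable-p my-starttls-ca-file))
    (setq starttls-use-gnutls t)
    (unless (member "--x509cafile" starttls-extra-arguments)
      (setq starttls-extra-arguments
            (append starttls-extra-arguments
                    (list "--x509cafile" my-starttls-ca-file)))))
   ;; gnutls-cli present but no usable trust anchor: still prefer it,
   ;; but make the missing verification visible to the user.
   ((executable-find starttls-gnutls-program)
    (setq starttls-use-gnutls t)
    (display-warning
     'starttls
     (format "gnutls-cli found but %s is unreadable; the server \
certificate will not be checked against a trust anchor"
             my-starttls-ca-file)))
   ;; Last resort: the "starttls" tool, which performs no verification.
   (t
    (setq starttls-use-gnutls nil)
    (display-warning
     'starttls
     "gnutls-cli not found; falling back to `starttls', which does not \
authenticate the peer, so a MITM would go unnoticed"))))

;; Run once at startup, before the first IMAP or POP3 connection.
(my-starttls-prefer-gnutls)
```

Older gnutls-cli releases report an untrusted certificate but may still complete the handshake, so confirm that the version you run actually aborts before relying on this check.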