[liberationtech] The missing awareness: SMTP Security Indicator in Email|WebMail clients

carlo von lynX lynX at
Sun Nov 1 09:42:23 PST 2015

Let's frame the threat models. Bulk collection probably does 
not include using OS backdoors so the suggestion to use mutt
on BSD isn't wrong, but not necessary to move a step forward.

On Sun, Nov 01, 2015 at 05:39:29PM +0100, malte at wrote:
> I think mail providers should stop accepting starttls opportunistically,
> but should start requiring it.

Whereas man-in-the-middling SMTP federation connections
(same problem as with XMPP and IRC networks) may be rather
cheap: How do mail servers check certificates? Do they
pin them down? Do they accept anything valid? Do they
ignore certificate validity? What if anything went wrong
during interserver-TLS? Will the end-user ever find out?
Do the new "Received" headers really reflect such info
and how would you explain what certain headers mean to
the end user?.. given the "Received" headers are accurate,
as questioned in previous mail. And then you may bump
into mail providers that use inconsistent certificates
like it happened for us who developed "Certificate Patrol"
to find out that the majority of our potential users can't
handle the frequent amount of questionable https 
connections the industry confronts them with, given such
freedoms in the broken X.509 standard TLS is built upon.

Yes, mail providers should require STARTTLS, but it leaves
a dozen insecurities up in the air which are structural
to the very bad protocol standards we have. It's less work
to design a new mail system from scratch than to reduce
the insecurities of SMTP from 31 to 30.

  E-mail is public! Talk to me in private using encryption:
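
The question above of whether "Received" headers reflect per-hop TLS can be made concrete with a small parser. This is an added example, not part of the original message: it reads the RFC 3848 `with` keywords (ESMTPS, ESMTPSA, ...) and the Postfix-style `(using TLSv... with cipher ...)` comment, and the sample message, hostnames and addresses are constructed. Every result is a claim written by the receiving server, so the best outcome is labelled "tls-claimed" rather than verified.

```python
import re
from email import message_from_string

# RFC 3848 "with" keywords: an S after the base protocol means the hop used STARTTLS.
WITH_RE = re.compile(r"\bwith\s+(?:UTF8)?(?:ESMTP|SMTP|LMTP)(S?)A?\b", re.I)
# Postfix-style comment carrying the negotiated TLS version and cipher.
TLS_DETAIL_RE = re.compile(r"\(using (TLSv[\d.]+|SSLv\d) with cipher (\S+)")
BY_RE = re.compile(r"\bby\s+(\S+)")

# Constructed sample message (documentation hostnames and addresses).
SAMPLE = """\
Received: from mx.example.net (mx.example.net [192.0.2.10])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 by mail.example.org (Postfix) with ESMTPS id 4F1A2;
 Sun, 1 Nov 2015 18:42:30 +0100
Received: from relay.example.com (relay.example.com [198.51.100.7])
 by mx.example.net with ESMTP id 9C3D4; Sun, 1 Nov 2015 18:42:27 +0100
Received: from laptop (unknown [203.0.113.5])
 by relay.example.com with ESMTPSA id 1B2C3; Sun, 1 Nov 2015 18:42:25 +0100
Subject: constructed test message

body
"""

def hop_indicators(raw_message):
    """One dict per Received header, oldest hop first."""
    hops = []
    for value in reversed(message_from_string(raw_message).get_all("Received", [])):
        flat = " ".join(value.split())  # unfold continuation lines
        proto, detail, by = WITH_RE.search(flat), TLS_DETAIL_RE.search(flat), BY_RE.search(flat)
        if detail or (proto and proto.group(1)):
            status = "tls-claimed"   # a claim written by the receiving server, not proof
        elif proto:
            status = "plaintext"
        else:
            status = "unknown"       # e.g. local pickup or a non-SMTP hop
        hops.append({"by": by.group(1) if by else None, "status": status,
                     "tls": detail.groups() if detail else None})
    return hops

def message_indicator(hops):
    """Worst-case summary for the whole path: one weak hop downgrades the message."""
    statuses = {h["status"] for h in hops}
    if "plaintext" in statuses:
        return "plaintext"
    return "unknown" if "unknown" in statuses or not hops else "tls-claimed"

if __name__ == "__main__":
    for hop in hop_indicators(SAMPLE):
        print(hop)
    print("indicator:", message_indicator(hop_indicators(SAMPLE)))
```

Nothing in these headers says whether the sending server validated or pinned the peer certificate, so a "tls-claimed" hop may still have been an unauthenticated TLS session.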
