On 09/18/2008 06:10 PM, Jean-Marc Desperrier:

> I'm happy we can agree on this point, it makes me hope someday you'll
> see the light about why the current handling of SSL errors in Fx3 is far
> from perfect (first by realizing that there's *not* only the proponents
> of self-signed certs in that camp).

The worlds of web and mail are inherently different, as transport of
mail may or may not be encrypted to and from the server - transport
isn't limited to the client-server connection.

So let's not confuse the meanings between those two!

In order to secure mail correctly, S/MIME certificates can be used. TLS
connections to mail servers simply prevent some sniffing and to some
extent can assure that you are talking to the right server. It's not
more than that.

> The options should read :
> [ ] require STARTTLS
> [ ] disable STARTTLS
>
> With none of the two enabled by default.
>
> Getting "require STARTTLS" automatically enabled if the initial
> connection was successfully in STARTTLS mode would be good.

I think this is a good idea (The wording can be improved).


-- 
Regards

Signer: Eddy Nigg, StartCom Ltd.
Jabber: [EMAIL PROTECTED]
Blog:   https://blog.startcom.org
_______________________________________________
dev-security mailing list
dev-security@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security
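
The option scheme proposed in the quoted text (two checkboxes, neither set by default, with "require STARTTLS" switched on after the first successful STARTTLS connection) can be sketched as a small policy function. This is an added example, not code from the thread or from any mail client; the names `StartTlsSettings`, `advertises_starttls` and `connect`, the sample EHLO replies, and the choice to refuse after a failed handshake are assumptions.

```python
from dataclasses import dataclass

# Constructed sample EHLO replies (not captured traffic).
EHLO_WITH_TLS = "250-mail.example.test\r\n250-SIZE 35882577\r\n250-STARTTLS\r\n250 8BITMIME\r\n"
EHLO_STRIPPED = "250-mail.example.test\r\n250-SIZE 35882577\r\n250 8BITMIME\r\n"


@dataclass
class StartTlsSettings:
    # The two checkboxes from the proposal; neither is enabled by default.
    require_starttls: bool = False
    disable_starttls: bool = False


def advertises_starttls(ehlo_reply: str) -> bool:
    """True if a multi-line SMTP 250 reply to EHLO lists the STARTTLS keyword."""
    for line in ehlo_reply.splitlines():
        # Reply lines look like "250-KEYWORD params" or "250 KEYWORD" (last line).
        if len(line) >= 4 and line[:3] == "250" and line[3] in "- ":
            words = line[4:].split()
            if words and words[0].upper() == "STARTTLS":
                return True
    return False


def connect(settings: StartTlsSettings, ehlo_reply: str, handshake_ok: bool = True) -> str:
    """Return 'tls', 'plaintext' or 'refuse' and update the stored settings."""
    if settings.require_starttls and settings.disable_starttls:
        raise ValueError("both options set: contradictory configuration")
    if settings.disable_starttls:
        return "plaintext"
    if advertises_starttls(ehlo_reply):
        if not handshake_ok:
            # Assumption of this sketch: never fall back silently after a failed handshake.
            return "refuse"
        # First success pins the requirement, as the proposal suggests.
        settings.require_starttls = True
        return "tls"
    # STARTTLS not offered: acceptable only if it was never required or pinned.
    return "refuse" if settings.require_starttls else "plaintext"
```

Once the requirement is pinned, a reply with the STARTTLS line missing leads to a refused connection instead of a plaintext session.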
