Bug#499774: starttls is a joke

2008-10-07 Thread Arnaud Ebalard
Hi,

Matthias Andree <[EMAIL PROTECTED]> writes:
> Reiner Steib <[EMAIL PROTECTED]> writes:
>
>>> Then, someone should correct the code to support passing trust anchors,
>>> allow passing the verify value, and document capabilities and
>>> limitations.
>>
>> Gnus currently uses starttls if startt

Bug#499774: starttls is a joke

2008-10-07 Thread Matthias Andree
Reiner Steib <[EMAIL PROTECTED]> writes:
>> Then, someone should correct the code to support passing trust anchors,
>> allow passing the verify value, and document capabilities and
>> limitations.
>
> Gnus currently uses starttls if starttls and gnutls-cli are available
> for backward compatibili

Bug#499774: starttls is a joke

2008-10-02 Thread Simon Josefsson
[EMAIL PROTECTED] (Arnaud Ebalard) writes: "This software does not have any authentication capabilities: it does not allow you to authenticate your peer, which is a basic requirement for TLS/SSL to be used securely. You should only use it for testing purposes and not relaying i

Bug#499774: starttls is a joke

2008-09-23 Thread Riskó Gergely
> Then, someone should correct the code to support passing trust anchors, > allow passing the verify value, and document capabilities and > limitations. (*) I certainly don't have time to do it, and since I can't agree with the politics behind the whole SSL model, I don't think that I will have t

Bug#499774: starttls is a joke

2008-09-22 Thread Arnaud Ebalard
Hi,

Simon Josefsson <[EMAIL PROTECTED]> writes:
> Reiner Steib <[EMAIL PROTECTED]> writes:
>
>> Would it make sense to prefer gnutls-cli and warn when using starttls
>> (if gnutls-cli is not installed)?
>
> Possibly, yes.

I use stunnel w/ Gnus. Some friends of mine use socat.

> Note that emacs2

Bug#499774: starttls is a joke

2008-09-22 Thread Simon Josefsson
Reiner Steib <[EMAIL PROTECTED]> writes:
> Would it make sense to prefer gnutls-cli and warn when using starttls
> (if gnutls-cli is not installed)?

Possibly, yes. Note that emacs22 (the version in debian testing) supports both starttls and gnutls-cli, so the comment made earlier that removing t

Bug#499774: starttls is a joke

2008-09-22 Thread Reiner Steib
[ Stripping some cc-ed lists because I only comment on the Gnus side of the issue. Adding starttls.el authors. ]

On Mon, Sep 22 2008, Arnaud Ebalard wrote:
> RISKO Gergely <[EMAIL PROTECTED]> writes:
[...]
>> You surely know about the gnus usage of this, since you CC'd the
>> mailing list, sor

Bug#499774: starttls is a joke

2008-09-22 Thread Arnaud Ebalard
Hi,

[resending, forgot some CC]

RISKO Gergely <[EMAIL PROTECTED]> writes:
> Sorry, I haven't noticed that you have cc'd mailing lists. Please
> find below my first response to Arnaud.

At least, thanks for the quick reply.

> You surely know about the gnus us

Bug#499774: starttls is a joke

2008-09-22 Thread RISKO Gergely
Sorry, I haven't noticed that you have cc'd mailing lists. Please find below my first response to Arnaud. You surely know about the gnus usage of this, since you CC'd the mailing list, sorry. So my option is that a disclaimer should be placed, but SSL with SSL_VERIFY_NONE is MUCH, MUCH, MUCH be

Bug#499774: starttls is a joke

2008-09-22 Thread Arnaud Ebalard
Package: starttls
Version: 0.10-3
Severity: critical

starttls package should IMHO be removed from Debian repositories, as it looks like a security joke:

- it does not allow passing trust anchors to be used to verify the remote peer: are users expected to see the issue by themselves and not us