Sveiki, Wednesday, April 6, 2011, 8:21:03 PM, you wrote:
> Hi Vilius et al, > Wednesday, April 6, 2011, 12:00:16 PM, you wrote: >>> > You can do this by using standard plain text connection method. >>> That is hard to do if the server, for example, only supports SSL >>> connections (as is common practice today) and uses self-signed >>> certs for that - and as such just as good as advising someone, who >>> complains that a car lets him put in diesel where unleaded is >>> needed, to try to run his car on wood. >> I'm not sure why you think this is "a common practice". Sure it was >> the case like 5 years ago, but now every major webmail provider, >> bigger companies and even universities use good certificates. I use >> 6 accounts for work and 2 personal accounts and all of them are >> properly secured with proper certificates. And given what messages >> IE, FF and Chrome throughs at users these days, I don't imagine who >> is using self-signed ones. > This is more of a philosophical discussion about PKE (Public Key > Encryption). This might be a bit OT, if so we can carry on PM. > There are 2 main uses for PKE. > 1.- Certify endpoints. For this there must be an unbroken certificate > chain from a trusted CA down through 0 or more intermediate > certificates to the end certificate that is being used. For this > purpose Vilius is right, self-signed certificates are no use. > 2.- Secure communications channel. The communication is opaque to all > but the 2 endpoints that are communicating. When you perform > IMAP/POP3/SMTP authentication you are sending your login details, you > definitely don't what people to read that, and you might not want them > to read the mail contents either. For this purpose self-signed > certificates are perfectly OK. > As a small aside, even for purpose 1 the current implementation is > flawed. It all goes down to having a few trusted 100% secure Root CA. > This is not actually the case. Some CA have been compromised in the > past, which is one problem, another is that some countries have their > own internationally recognised government controlled CA, which then > allows the government to mount man-in-the-middle attack on SSL traffic > going through their country. > I want The Bat! to store the self-signed certificate so that I can > simplify purpose 2 above. Completely true. With small addition, that point 2 only makes sense when you can certify endpoints also. E.i. to allow self-signed communication in secure manner you MUST get certificate from the person you trust, on USB key, or that such certificate should be pushed securely through Windows Group Policy for example. Trusting (e.g. accepting) self-signed CA through internet is risky. You could actually be accepting certificate of transparent proxy without knowing it, you have to check figerprint, etc, etc. This is why I think current method is really enough. If it doesn't work as some users said, then of course BT ticket should be created for that. -- Best regards, Vilius ________________________________________________________ Current beta is 5.0.6.1 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html
