> Ben Hutchings writes:
> On Mon, 2016-10-24 at 15:15 +, Ivan Shmakov wrote:
> Ben Hutchings writes:
[…]
>>> Those certificates look as expected. Since TLS encryption of SMTP
>>> between servers is opportunistic, there's no
On Mon, 2016-10-24 at 15:15 +, Ivan Shmakov wrote:
> > > > > >
> >
> > Ben Hutchings writes:
>
>
> […]
>
> > Those certificates look as expected. Since TLS encryption of SMTP
> > between servers is opportunistic, there's no particular reason to use
> > a widely
> Ben Hutchings writes:
[…]
> Those certificates look as expected. Since TLS encryption of SMTP
> between servers is opportunistic, there's no particular reason to use
> a widely trusted CA for server certificates. A MITM can just as
> easily block STARTTLS as
> Julien Cristau writes:
> On Mon, Oct 24, 2016 at 11:45:33 +, Ivan Shmakov wrote:
[…]
>> Speaking of which. Does the gnutls-cli transcript MIMEd signify of
>> an ongoing MitM attack, or is it just a misconfiguration?
> Neither.
>
On Mon, 2016-10-24 at 13:00 +, Ivan Shmakov wrote:
> >
> > Andrey Rahmatullin writes:
> > On Mon, Oct 24, 2016 at 11:45:33AM +, Ivan Shmakov wrote:
>
>
> >> $ gnutls-cli --starttls -p 25 bendel.debian.org
>
> […]
>
> >> Connecting to '82.195.75.100:443'...
>
> >
On Mon, Oct 24, 2016 at 11:45:33 +, Ivan Shmakov wrote:
> > Kristian Erik Hermansen writes:
> > On Mon, Oct 24, 2016 at 1:59 AM, Adrian Bunk wrote:
>
> […]
>
> >> For the kind of attacks you are describing, https is just snake oil.
>
> Andrey Rahmatullin writes:
> On Mon, Oct 24, 2016 at 11:45:33AM +, Ivan Shmakov wrote:
>> $ gnutls-cli --starttls -p 25 bendel.debian.org
[…]
>> Connecting to '82.195.75.100:443'...
> I cannot reproduce gnutls-cli connecting to :443 when asked :25.
On Mon, Oct 24, 2016 at 11:45:33AM +, Ivan Shmakov wrote:
> $ gnutls-cli --starttls -p 25 bendel.debian.org
> Processed 173 CA certificate(s).
> Resolving 'bendel.debian.org'...
> Connecting to '2001:41b8:202:deb:216:36ff:fe40:4002:443'...
> Connecting to '82.195.75.100:443'...
I cannot
> Kristian Erik Hermansen writes:
> On Mon, Oct 24, 2016 at 1:59 AM, Adrian Bunk wrote:
[…]
>> For the kind of attacks you are describing, https is just snake oil.
> Profusely disagree and so do other members of this list. I'll leave
>
9 matches
Mail list logo