On Thu, 17 Jan 2008 20:22:41 +0100, till <[EMAIL PROTECTED]> wrote:
> Dear Maximilien,
>
> On Jan 17, 2008 4:17 PM, Jason Fesler <[EMAIL PROTECTED]> wrote:
>> (...)
>> Oh well, off my soap box. Implement what you want. I just hope any
>> README or whatever includes some paranoia.
>
> +1
>
> I'm not strictly against this feature but then again I wouldn't upload
> my key to *any* provider.
>
> Think about the general risk. I am not saying that someone will spy on
> you and steal your key but what if they get hacked etc..
Then their ssl certs will /also/ be at risk. Hell, It /really/ is not difficult
to "lift" their certs, and implement a little DNS cache poisoning and
claim to be them. Then /you/ as their user will continue to use a server
you /believe/ to be them. While all the while, they're (the hackers)
in complete control of your mail. Phishing also comes to mind.
> There are
> multiple scenarios that come to mind. I guess it's fine to have this
> feature when you are in total control of your environment and don't
> mind the risk.
>
> Anyway, having said that - and since no one else said, "OH I AM
> WORKING ON THIS", go knock yourself out. ;-)
I believe it is a worthy cause in both cases. It would simply be more
feasible as a "server side" solution.
On one last note; I can't help but notice the omission of keyservers
in any of these scenarios. I mean you /must/ use them. Yet nobody
even mentions the possibility of /them/ being trustworthy.
>
> Till
/////////////////////////////////////////////////////
Service provided by hitOmeter.NET internet messaging!
.
_______________________________________________
List info: http://lists.roundcube.net/dev/
