On Tue, 11 Mar 2003, Andreas Aardal Hanssen wrote:

> On Mon, 10 Mar 2003, Charlie Brady wrote:
> >On Sun, 9 Mar 2003, Andreas Aardal Hanssen wrote:
> >> On Sat, 8 Mar 2003, Gary wrote:
> >I've been trying to wrap my mind about the issues of using stunnel to
> >implement STARTTLS for us, but a quick google suggests that someone has
> >broken that trail:
> >http://www.suspectclass.com/~sgifford/stunnel-tlsproxy/imap-tls.README
> >How many lines of bincimap can we remove if someone else does TLS and
> >authentication for us?
>
> Since STARTTLS is going to be a mandatory part of the next revision of the
> IMAP protocol (IMAP4rev2), we will have to have native support for SSL.

Just because STARTTLS will be mandatory does not imply that it must be
provided by the same program as the protocol handling and mailbox access.
The binc IMAP "solution" must implement STARTTLS, but I don't accept that
it must be provided by native support. TCP socket connections are
mandatory also, but they're provided by an external program.

That's not to say that stunnel in particular should do it.

> The SSL code in Binc takes up approximately 100 lines.

That's a relevant issue, but not the only one. Recent events tell us that
we want to be careful how we use SSL code. I'd very much like to see it
run non-root, and preferably chrooted. Mr Gifford has apparently provided
a mechanism for doing this. I'd like to see that mechanism investigated
rather than dismissed out of hand.

Adopting suitable off-the-shelf components, reducing your line count and
building a more secure architecture seem to be Good Things to me.

--
Charlie

