It appears that Thomas Walter via mailop <[email protected]> said:
>They have found more than 40 vulnerabilities in STARTTLS implementations.
>
>https://nostarttls.secvuln.info/
>
>Their conclusion is that all vulnerabilities rely on the transition of 
>an insecure connection to a secure connection.
>
>Implicit TLS does not have such a transition and is therefore not 
>vulnerable to any of these attacks. We therefore consider implicit TLS a 
>more secure option than STARTTLS.

I took a look at the paper and the message I took away was that you should use
up to date TLS libraries that don't leave junk in their buffers.

FWIW, I ran their test script on my SMTP server which does STARTTLS with
the current gnutls library and no special defenses against this attack,
and it said the server didn't have the problem.

R's,
John
_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop
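As an added illustration (not code from the paper, its test script, or John's server), a toy model of the buffering rule behind the thread's point: what a server does with plaintext bytes already sitting in its read buffer when the STARTTLS line is processed. It assumes a hypothetical line-based command reader with no sockets or real TLS handshake; the sample bytes are constructed.

```python
import logging
from typing import List, Tuple

log = logging.getLogger("starttls-guard")


class SmtpCommandReader:
    """Toy model (hypothetical, no sockets or real TLS) of an SMTP server's
    command buffering around the STARTTLS transition."""

    def __init__(self, discard_on_starttls: bool) -> None:
        self.discard_on_starttls = discard_on_starttls
        self.buf = b""
        self.tls_active = False
        self.trailing_bytes = 0  # plaintext already read past the STARTTLS line

    def feed(self, data: bytes) -> List[str]:
        """Append raw bytes (plaintext before the handshake, decrypted payload
        after it) and return the complete command lines now ready to execute."""
        commands: List[str] = []
        self.buf += data
        while b"\r\n" in self.buf:
            line, self.buf = self.buf.split(b"\r\n", 1)
            cmd = line.decode("ascii", errors="replace").strip()
            commands.append(cmd)
            if not self.tls_active and cmd.upper() == "STARTTLS":
                self.tls_active = True  # a real server runs the handshake here
                self.trailing_bytes = len(self.buf)
                if self.trailing_bytes:
                    # Detection: a conforming client sends nothing more until the
                    # handshake completes, so leftover bytes deserve a log line.
                    log.warning("%d plaintext bytes buffered past STARTTLS", self.trailing_bytes)
                    if self.discard_on_starttls:
                        self.buf = b""  # Mitigation: plaintext never survives into TLS
                break  # stop so the handshake happens before anything else is parsed
        return commands


def simulate(segment: bytes, tls_payload: bytes, discard: bool) -> Tuple[List[str], List[str], int]:
    """One session: commands before the handshake, after it, and the trailing byte count."""
    reader = SmtpCommandReader(discard_on_starttls=discard)
    before = reader.feed(segment)
    after = reader.feed(tls_payload)  # stands in for data handed up by the TLS record layer
    return before, after, reader.trailing_bytes


if __name__ == "__main__":
    # Constructed sample: a single segment carrying bytes beyond the STARTTLS line.
    segment = b"EHLO client.example\r\nSTARTTLS\r\nNOOP stale-plaintext\r\n"
    print("naive   :", simulate(segment, b"EHLO client.example\r\n", discard=False))
    print("hardened:", simulate(segment, b"EHLO client.example\r\n", discard=True))
```

The naive reader executes the stale plaintext line as if it had arrived inside TLS; the hardened reader logs it and drops it, which is the behaviour an up-to-date implementation should show.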
