Dnia 3.08.2022 o godz. 14:46:06 Jarland Donnell via mailop pisze: > > But you must take into account the difference between web and e-mail. > > With > > HTTPS, the connection is directly between your browser and the server, > > so if > > it's secure, it's secure (as long as you trust the server). Period. > > This leans on faulty logic. If the browser is on the screen of a laptop > plugged directly into the server, sitting in the middle of that place that > sounds suspiciously like an airport, then this would be true. But then, if > you trust the website and there is no one in between, what exactly is the > point of SSL at all? Is it merely cosmetic in nature? Why do we have secure > connections to anything if an old-school trust model is sufficient?
You totally didn't understand me. I never said the client is plugged directly into the server and there's no one in between. I'm talking exactly about SSL. If you have a strong SSL connection from browser to server, *and* you have a verified certificate, *and you trust the certificate issuer*, *and you trust the server* (that it doesn't use your data for any other purpose that it claims to - for example does not send a copy of your otherwise secure and encrypted communication to some third party), then your connection is secure. This is *not* the case of email. First, you *don't* have a direct connection from sending application to receiving application - the message goes through one or more servers on its way. If there is only one server (ie. sender and recipient have e-mail accounts on the same server), the clients connect to the server securely *and* you trust the server operator that they don't read your messages, then - and only then - your email is secure. If sender's and receiver's email accounts are on different servers, then email is insecure by design :). You don't have, neither as sender nor as the receiver, control over how one server connects to the other and if it uses any intermediate servers in between. You don't have control over what operators of these servers do with your messages. So if you want email to be secure, you must encrypt it before it leaves your email client (I'm talking here of content encryption, not in-transit encryption like SSL) and it must stay encrypted all the time, until receiver decrypts it when it is already in their mail client. So any speculations about more or less secure TLS used on MTA-to-MTA connections make no sense as there is much more happening in process of email transit than one simple connection (as it is in case of HTTPS). Plus, you seem to ignore the fact that there is no such thing as "secure" or "insecure". Nothing is 100% secure and you can only say about things being less or more secure. Everything is the matter of potential risk versus protection measures involved - in fact, balancing these two is the essence of the entire art of security :). As you have yourself pointed out, even a plaintext connection is secure if the risk is minimal, ie. you know that there's no one in between. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub." _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
