Hi Nicolai--
On 06/06/2014 04:39 AM, Nicolai Josuttis wrote:
> I am about to make the enigmail UI more convenient/self-explaining.
> So, I have the following problem:
> I want to give three choices for encryption (and other options):
> 1) use default setting and rules
> 2) turn encryption on
> 3)
GnuPG uses libcurl to do things like access remote URLs. libcurl
depends on OpenSSL.
fwiw, curl can be built against any of three possible crypto backends
Looking back over my "libcurl depends on OpenSSL" sentence, I have no
idea why I wrote that sentence that way. Color me chagrined.
W
On 06/06/2014 02:40 PM, Robert J. Hansen wrote:
> GnuPG uses libcurl to do things like access remote URLs. libcurl
> depends on OpenSSL.
fwiw, curl can be built against any of three possible crypto backends:
OpenSSL, GnuTLS, or NSS (or it can be built without crypto at all, in
which case it won'
Enigmail is using GPG, which probably uses OpenSSL, so i think it's also
vulnerable to this issue?
Not in any meaningful way.
GnuPG uses libcurl to do things like access remote URLs. libcurl
depends on OpenSSL. So yes, it's possible that a man-in-the-middle
could eavesdrop/alter an SSL co
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 06.06.14 08:47, Onno Ekker wrote:
> Hi,
>
> Yesterday another OpenSSL was published:
> https://www.openssl.org/news/secadv_20140605.txt
>
> Along with it the security advisory came a fix for servers.
>
> Enigmail is using GPG, which probably u
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi Onno,
On Fri, 6 Jun 2014 08:47:32 +0200, Onno Ekker wrote:
> Hi,
>
> Yesterday another OpenSSL was published:
> https://www.openssl.org/news/secadv_20140605.txt
>
> Along with it the security advisory came a fix for servers.
>
> Enigmail is u
Hi all,
I am about to make the enigmail UI more convenient/self-explaining.
So, I have the following problem:
I want to give three choices for encryption (and other options):
1) use default setting and rules
2) turn encryption on
3) turn encryption off
Unfortunately there is no 3-way-toggle butto