subject:"\[liberationtech\] The missing awareness\: SMTP Security Indicator in Email\|WebMail clients"

Re: [liberationtech] The missing awareness: SMTP Security Indicator in Email|WebMail clients

2015-11-11 Thread Rich Kulawiec

On Mon, Nov 02, 2015 at 09:13:08PM +0100, carlo von lynX wrote: [ a bunch of good points and one thing I'd like to expand/elaborate on ] > Correct. Still it makes no sense for benevolent nodes to fabricate > false warnings about insecure TLS usage. Question is if it makes > sense for malevolent

Re: [liberationtech] The missing awareness: SMTP Security Indicator in Email|WebMail clients

2015-11-02 Thread carlo von lynX

Thanks for taking on the challenge to discuss things for real. On Mon, Nov 02, 2015 at 07:11:00AM -0500, Rich Kulawiec wrote: > On Sun, Nov 01, 2015 at 06:42:23PM +0100, carlo von lynX wrote: > > Let's frame the threat models. Bulk collection probably does > > not include using OS backdoors so

Re: [liberationtech] The missing awareness: SMTP Security Indicator in Email|WebMail clients

2015-11-02 Thread Rich Kulawiec

On Sun, Nov 01, 2015 at 06:42:23PM +0100, carlo von lynX wrote: > Let's frame the threat models. Bulk collection probably does > not include using OS backdoors so the suggestion to use mutt > on BSD isn't wrong, but not necessary to move a step forward. And why not? If the endpoints aren't

Re: [liberationtech] The missing awareness: SMTP Security Indicator in Email|WebMail clients

2015-11-01 Thread fauno

"Fabio Pietrosanti (naif) - lists" writes: > - KNOW if emails being received from Mr. X has been in-transit encrypted. there's a thunderbird addon called "paranoia" that does this -- http://endefensadelsl.org -- Liberationtech is public & archives are searchable on

Re: [liberationtech] The missing awareness: SMTP Security Indicator in Email|WebMail clients

2015-11-01 Thread malte

Quoting Fabio Pietrosanti (naif) - lists (2015-10-31 20:02:21) > so, the in-transit email encryption problem isn't yet solved. > > The uses of opportunistic encryption with SMTP STARTTLS help, but also > this is out of the end-user control. I think mail providers should stop accepting starttls

Re: [liberationtech] The missing awareness: SMTP Security Indicator in Email|WebMail clients

2015-11-01 Thread Rich Kulawiec

On Sun, Nov 01, 2015 at 12:32:37PM -0300, fauno wrote: > there's a thunderbird addon called "paranoia" that does this Correction: there's a Thunderbird addon called "Paranoia" that pretends to do this. Everyone should know by now that you can't trust any "Received" headers other than those

Re: [liberationtech] The missing awareness: SMTP Security Indicator in Email|WebMail clients

2015-11-01 Thread carlo von lynX

Let's frame the threat models. Bulk collection probably does not include using OS backdoors so the suggestion to use mutt on BSD isn't wrong, but not necessary to move a step forward. On Sun, Nov 01, 2015 at 05:39:29PM +0100, ma...@wk3.org wrote: > I think mail providers should stop accepting

Re: [liberationtech] The missing awareness: SMTP Security Indicator in Email|WebMail clients

Re: [liberationtech] The missing awareness: SMTP Security Indicator in Email|WebMail clients

Re: [liberationtech] The missing awareness: SMTP Security Indicator in Email|WebMail clients

Re: [liberationtech] The missing awareness: SMTP Security Indicator in Email|WebMail clients

Re: [liberationtech] The missing awareness: SMTP Security Indicator in Email|WebMail clients

Re: [liberationtech] The missing awareness: SMTP Security Indicator in Email|WebMail clients

Re: [liberationtech] The missing awareness: SMTP Security Indicator in Email|WebMail clients

7 matches

Site Navigation

Mail list logo

Footer information