Il 8/19/13 10:49 AM, Moritz Bartl ha scritto: > On 19.08.2013 09:58, Peter Tonoli wrote: >> To what point will this be? I'd say the majority of SMTP w/ TLS servers >> are using self-signed certificates. It's arguable whether TLS with a >> self signed certificate is any better than just plaintext. > I don't see any point in arguing about that: It is, against any passive > adversary. And that's a lot. > > Yes, of course, you can look and complain about certificates not signed > by one of the happy CAs. Nobody stopping you from adding that capability. :)
There's also an on-going effort to implement this feature into the Tor2web software: https://github.com/globaleaks/Tor2web-3.0/issues/81 I would say that the features will be the same, but the deployment scenario would be different. In the tor2mail postfix approach, this can be integrated into any kind of existing mailserver, while in the Tor2web approach, this would be a standalone SMTP listener for exclusive use. -- Fabio Pietrosanti (naif) HERMES - Center for Transparency and Digital Human Rights http://logioshermes.org - http://globaleaks.org - http://tor2web.org -- tor-talk mailing list - [email protected] To unsusbscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
