Martin Lambers:
First, you need a convincing reason to add a feature; the lack of a convincing reason *not* to add it is not sufficient.
Okay. I would use SHA-512 if I could use it. :)
For SHA-3, the same as above applies, but additionally msmtp/mpop should always use the appropriate GnuTLS (or OpenSSL) function to get a fingerprint and should never implement fingerprint calculation themselves. That can only lead to trouble.
I agree.
But msmtp/mpop do not do this: they will never fall back to unencrypted SMTP/POP.
Ah, I was not aware of the no-fallback. There have been quite a few cases of ISPs just filtering out "StartTLS" from Clients to MTAs:
https://www.techdirt.com/blog/netneutrality/articles/20141012/06344928801/revealed-isps-already-violating-net-neutrality-to-block-encryption-make-everyone-less-safe-online.shtml
http://www.heise.de/newsticker/meldung/Eingriff-in-E-Mail-Verschluesselung-durch-Mobilfunknetz-von-O2-206233.html
Proper TLS beats StartTLS hands-down.
I don't think that is true in general. Do you have any information that supports this claim?
Well one core-argument is the downgrade attack. But someone wrote more about it here: https://www.agwa.name/blog/post/starttls_considered_harmful
Msmtp should now default to the mail submission port 587, with TLS enabled (note that this *requires* STARTTLS). That would require changing the defaults for 'port' and 'tls'. For mpop, only the second applies.
I would welcome a change, but proposing SMTPS on Port 465 instead: again, no StartTLS. But our disagreement is not that relevant, because:
The problem is that 'tls on' as a default does not simply work, because you need at least 'tls_trust_file', and that is unfortunately different everywhere.
That's a very valid point and enough to make me withdraw my proposal. :) Thanks for all your work again!
-- 
ilf
Over 80 million Germans don't use a console. Don't click away! -- An initiative of the Federal Office for Keyboard Use
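The STARTTLS stripping discussed in this thread, modelled as an added Python example. This is not msmtp/mpop code: the EHLO replies are constructed, the middlebox filter is a simulation of the ISP behaviour linked above, and the policy fields only mirror the msmtp option names `tls` and `tls_starttls`; the "strict" flag models the no-fallback behaviour Martin describes, and "opportunistic" models a client that would fall back to plaintext.

```python
"""Model of a STARTTLS downgrade on a submission connection (constructed example)."""
import re
from dataclasses import dataclass

# Constructed EHLO reply of the kind a submission server returns on port 587.
EHLO_REPLY_HONEST = (
    "250-mail.example.net Hello client\r\n"
    "250-SIZE 52428800\r\n"
    "250-STARTTLS\r\n"
    "250 AUTH PLAIN LOGIN\r\n"
)


def parse_ehlo(reply: str) -> list[str]:
    """Return the capability keywords from a multi-line EHLO reply.

    The first line carries the server name, not a capability. RFC 5321 marks
    every line but the last with '250-' and the last with '250 '.
    """
    lines = [line for line in reply.split("\r\n") if line]
    caps: list[str] = []
    for i, line in enumerate(lines):
        if not re.fullmatch(r"250[- ].*", line):
            raise ValueError(f"unexpected EHLO line: {line!r}")
        is_last = line[3] == " "
        if is_last != (i == len(lines) - 1):
            raise ValueError("malformed EHLO multi-line reply")
        if i > 0:
            caps.append(line[4:].split()[0].upper())
    return caps


def strip_starttls(reply: str) -> str:
    """Simulate a middlebox that removes the STARTTLS capability line.

    The continuation markers are rebuilt so the reply still parses, which is
    exactly why a client cannot notice the tampering from syntax alone.
    """
    lines = [line for line in reply.split("\r\n") if line]
    kept = [line for line in lines if line[4:].split()[0].upper() != "STARTTLS"]
    body = "\r\n".join("250-" + line[4:] for line in kept[:-1])
    return (body + "\r\n" if body else "") + "250 " + kept[-1][4:] + "\r\n"


@dataclass(frozen=True)
class Policy:
    tls: bool           # msmtp 'tls on' / 'tls off' (names only; logic is a model)
    tls_starttls: bool  # 'tls_starttls on' = STARTTLS on 587, off = implicit TLS on 465
    strict: bool        # True: never fall back to plaintext (msmtp/mpop behaviour)


@dataclass(frozen=True)
class Outcome:
    mode: str                  # "implicit-tls", "starttls" or "plaintext"
    credentials_in_clear: bool  # AUTH would be sent over an unencrypted socket


class DowngradeDetected(Exception):
    """Raised when TLS was required but the server did not offer STARTTLS."""


# Hypothetical policies used for the demonstration.
MSMTP_587 = Policy(tls=True, tls_starttls=True, strict=True)
MSMTP_465 = Policy(tls=True, tls_starttls=False, strict=True)
OPPORTUNISTIC = Policy(tls=True, tls_starttls=True, strict=False)


def negotiate(ehlo_reply: str, policy: Policy) -> Outcome:
    """Decide how the client proceeds after reading the EHLO reply."""
    if policy.tls and not policy.tls_starttls:
        # Implicit TLS: the handshake happens before any SMTP bytes, so a
        # filtered EHLO reply cannot influence whether encryption is used.
        return Outcome("implicit-tls", False)
    caps = parse_ehlo(ehlo_reply)
    if not policy.tls:
        return Outcome("plaintext", "AUTH" in caps)
    if "STARTTLS" in caps:
        return Outcome("starttls", False)
    if policy.strict:
        raise DowngradeDetected("server did not advertise STARTTLS; refusing plaintext")
    # Opportunistic client: silently continues without encryption.
    return Outcome("plaintext", "AUTH" in caps)


def downgrade_refused(ehlo_reply: str, policy: Policy) -> bool:
    """True if the policy aborts the session instead of sending in the clear."""
    try:
        negotiate(ehlo_reply, policy)
    except DowngradeDetected:
        return True
    return False


if __name__ == "__main__":
    filtered = strip_starttls(EHLO_REPLY_HONEST)
    print("honest caps:  ", parse_ehlo(EHLO_REPLY_HONEST))
    print("filtered caps:", parse_ehlo(filtered))
    print("587 strict:", downgrade_refused(filtered, MSMTP_587))
    print("465:", negotiate(filtered, MSMTP_465))
    print("opportunistic:", negotiate(filtered, OPPORTUNISTIC))
```

The point of the model: on port 587 the only defence against a stripped capability line is a client that refuses to continue, while on port 465 the decision is never in the server's hands. The filtered reply is syntactically valid, so the check has to be on policy, not on parsing.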