[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Nmh-workers] TLS certificate validation

From: Lyndon Nerenberg
Subject: Re: [Nmh-workers] TLS certificate validation
Date: Mon, 26 Sep 2016 16:59:23 -0700

> On Sep 24, 2016, at 9:43 AM, Jeffrey Honig <address@hidden> wrote:
> Any system that does not maintain up-to-date certificates is just broken; an 
> invitation for security vulnerabilities to be exploited in situations where 
> expired or revoked certificates can be exploited.  Validating the certificate 
> chain should be the default and any other option available should come with 
> language that strongly discourages their use.  Doing anything else would be 
> giving people a false sense of security.

The tricky part of this is writing the fall-back code in the client.  And 
especially for nmh, where 24x7 always-connected-via-ethernet-to-the-internet is 
not a given.

There are a lot of fallback scenarios that have to be dealt with if we are to 
preserve the security (and therefore trust) model implied by TLS.

It's enlightening to read the HIPAA security requirements for email.  That's 
the security regime I work in, and it *really* makes you pay attention to what 
*all* the components of your systems are doing.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]