[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Nmh-workers] TLS certificate validation
From: |
Lyndon Nerenberg |
Subject: |
Re: [Nmh-workers] TLS certificate validation |
Date: |
Mon, 26 Sep 2016 16:54:10 -0700 |
> On Sep 24, 2016, at 9:00 AM, David Levine <address@hidden> wrote:
>
>> I've been poking around and I see that there is something that MIGHT
>> be worthwhile to look at: something called "trust on first use" (TOFU)
>
> Sounds good to me, I'd use it.
FWIW, this is how Plan 9 (IMAP) does it. On the first connect to a new site
the underlying command bails out after printing a fingerprint of the TLS cert.
You are expected to verify the cert out-of-band (using other tools the OS
provides), and then update a 'trusted certs' file to allow further unfettered
access to the site.
It works well if you're comfortable with that sort of thing. But even with our
relatively savvy user base, it's not going to fly here. And unless you really
know what you're doing, it will do worse for your security outlook than running
over plaintext. (The biggest issue being it ignores certificate expiration
dates.)
The mechanics of doing client cert management are well know and relatively
straight forward. The big problems are: 1) the coding is tedious, and 2)
getting the UI right, in the face of locally-misconfigured-system adversity,
takes a lot of work.
I'd rather we spent the time getting it right. This sounds like a candidate
for a well-focused 1.8 release. Having had to deal with TLS cert management
for IMAP/POP/SMTP (and just plain TLS management) at work, once again, for the
last couple of years, I have much too much knowledge of what *doesn't* work for
end-users :-P
--lyndon
Re: [Nmh-workers] TLS certificate validation, David Levine, 2016/09/24
- Re: [Nmh-workers] TLS certificate validation,
Lyndon Nerenberg <=
Re: [Nmh-workers] TLS certificate validation, Ralph Corderoy, 2016/09/24
Re: [Nmh-workers] TLS certificate validation, Jeffrey Honig, 2016/09/24
- Re: [Nmh-workers] TLS certificate validation, Ken Hornstein, 2016/09/24
- Re: [Nmh-workers] TLS certificate validation, Jeffrey Honig, 2016/09/25
- Re: [Nmh-workers] TLS certificate validation, Ralph Corderoy, 2016/09/25
- Re: [Nmh-workers] TLS certificate validation, Jeffrey Honig, 2016/09/25
- Re: [Nmh-workers] TLS certificate validation, Ralph Corderoy, 2016/09/25
- Re: [Nmh-workers] TLS certificate validation, Ken Hornstein, 2016/09/25
- Re: [Nmh-workers] TLS certificate validation, Jeffrey Honig, 2016/09/25