STARTTLS and certificates Re: [ANNOUNCE] OfflineIMAP v6.3.4-rc3 released

Johannes Stezenbach js at
Fri Jul 8 13:58:03 BST 2011


On Fri, Jul 08, 2011 at 12:06:37PM +0200, Sebastian Spaeth wrote:
> On Thu, 7 Jul 2011 22:15:47 +0200, Johannes Stezenbach <js at> wrote:
> > > Modus ponens: it doesn't verify the peer's identity in STARTTLS mode.
> > > Thanks for the information!
> Yep, that's correct.
> > Which makes it completely useless.  
> That's a bit harsh. It prevents eavesdroppers from getting your
> passwords and your mail contents if they are able to wiretap a connection. It
> won't prevent man-in-the-middle attacks, that is true. And it is why I
> still prefer a "real" ssl connection to my server.

Well, IMHO the point of using encryption is to protect
me from eavesdroppers.  If it doesn't, then it is useless to me.
It's as simple as that.

If you remember CVE-2010-4532, other people seem to have
the same expectation.

> > I remarked about this
> > TODO already in April:
> >
> The thing is that this is something that probably best belongs into
> imaplib2 itself, which sets up the ssl socket. Otherwise we have to
> override/extend/modify quite some functions in imaplib2 to trick it into
> verifying connections.

Yes, I think imaplib2 should allow passing the necessary parameters.
It's probably easy to add.

> What we probably could and should do is to document the lack of CA Cert
> verification in the starttls case in offlineimap.conf. 

That's better than giving users a false sense of security.

> P.S. I still don't get why python/openssl don't strictly disable the
> SSLv2 by default, and why there is no convenient method to disable SSLv2
> before python 3.2. I did send some patches some months back that achieved
> this though.

Every web browser allows you to configure which SSL/TLS version to use/allow.
I think that would be appropriate for offlineimap, too.
"Explicit is better than implicit" is what they say in PEP 20.
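As an added example (not code from this thread, nor from OfflineIMAP or imaplib2), the following shows what "verifying the peer's identity in STARTTLS mode" means in Python's standard library: an `ssl.SSLContext` that requires a trusted certificate chain and a matching hostname, handed to `imaplib.IMAP4.starttls()`, next to the encrypt-only context that the thread describes as protecting against passive eavesdropping but not against a man-in-the-middle. It also makes the allowed TLS versions an explicit setting, as the last paragraph asks for. The function names and the `cafile`/`min_version` parameters are hypothetical; only `ssl` and `imaplib` APIs from the standard library (Python 3.7+) are used.

```python
"""Added example: peer verification for IMAP STARTTLS with Python's ssl module.

Not OfflineIMAP or imaplib2 code; function names and parameters are hypothetical.
"""
import imaplib
import ssl


def make_verifying_context(cafile=None, min_version=ssl.TLSVersion.TLSv1_2):
    """Context that authenticates the server: trusted chain, matching hostname,
    and an explicit floor on the protocol version (no SSLv2/SSLv3/TLS 1.0/1.1).

    cafile=None uses the system trust store; pass a PEM bundle to pin a
    private CA instead.
    """
    ctx = ssl.create_default_context(cafile=cafile)
    ctx.check_hostname = True            # certificate must match the host we dialled
    ctx.verify_mode = ssl.CERT_REQUIRED  # handshake fails without a trusted chain
    ctx.minimum_version = min_version    # "explicit is better than implicit"
    return ctx


def make_encrypt_only_context():
    """The behaviour discussed in the thread: the link is encrypted, but the
    server's certificate is neither validated nor matched against the hostname,
    so an active attacker who can redirect the connection is not detected."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False   # must be cleared before verify_mode can be CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def context_verifies_peer(ctx):
    """True only if the context authenticates the server as well as encrypting."""
    return bool(ctx.check_hostname) and ctx.verify_mode == ssl.CERT_REQUIRED


def legacy_versions_refused(ctx):
    """True if the context will never negotiate anything below TLS 1.2."""
    return ctx.minimum_version >= ssl.TLSVersion.TLSv1_2


def open_imap_with_starttls(host, port=143, ctx=None):
    """Plaintext connect, then upgrade with STARTTLS under a verifying context.

    With a verifying context, a wrong or untrusted certificate raises
    ssl.SSLCertVerificationError here instead of silently proceeding.
    """
    ctx = ctx or make_verifying_context()
    conn = imaplib.IMAP4(host, port)
    conn.starttls(ssl_context=ctx)  # IMAP4.starttls exists since Python 3.2
    return conn


if __name__ == "__main__":
    # Offline check of the two configurations; no network traffic is generated.
    strict = make_verifying_context()
    loose = make_encrypt_only_context()
    print("verifying context authenticates peer:", context_verifies_peer(strict))
    print("encrypt-only context authenticates peer:", context_verifies_peer(loose))
    print("verifying context refuses SSLv2/SSLv3/TLS<1.2:", legacy_versions_refused(strict))
    # To try it against a real server (placeholder host, not from the thread):
    # open_imap_with_starttls("imap.example.invalid")
```

The distinction the thread draws is entirely in `check_hostname` and `verify_mode`: the encrypt-only context completes a handshake with any certificate at all, which is exactly why it does not help against a man-in-the-middle, whereas the verifying context turns a forged or mismatched certificate into a hard connection failure that the user sees.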

