FS#1519 : Please "support" TLS 1.2 instead of requiring it for emails

Status Closed
Percent Complete
100%
Task Type Security Issue
Category HyperMail/Mail Service → Mail Service Issue
Assigned To No-one
Operating System All
Severity High
Priority Very Low
Reported Version 1.0
Due in Version Undecided
Due Date Undecided
Votes
Private

Attached to Project: Services
Opened by adfeno - 18/07/2020
Last edited by coadde - 27/04/2021

FS#1519 - Please "support" TLS 1.2 instead of requiring it for emails

The requirement for TLS 1.2 in email effectively isolated us from internet, and yelling for change isn’t working even in communications with other free/libre system distributions and mailing lists related to free/libre software (both for software and for discussions related to the movement itself). :)

Many mailing lists at gnu.org, fsf.org, fsfla.org, libreplanet.org, and also in other free/libre system distributions aren’t accessible (e.g.: Trisquel).

Closed by coadde
27.04.2021 23:06
Reason for closing: Won't fix

Comments (3)
Related Tasks (0/0)

adfeno commented on 18.07.2020 22:29

N18:35:40 - pehjota: […] ot everything needs to be encrypted, and for things that do need it, encrypting traffic between MTAs is often not sufficient (mail may still be stored unencrypted on an untrustworthy provider's IMAP server).

I get wanting to encrypt all the things to hide sensitive traffic among normal traffic (making targeting more difficult), but refusing to talk at all with anyone not implementing the strictest of standards doesn't really help with that in practice. It actually means less encrypted traffic.

Supporting TLS 1.2 is great, but requiring it is somewhat self-defeating, and OpenPGP is in some ways better.

adfeno commented on 18.07.2020 22:45

Last message was quoted from irc://chat.freenode.net/#trisquel-dev .

coadde commented on 27.04.2021 23:06

Hyperbola email services (including mailing list) use OpenSMTPD.
The OpenSMTPD contains only "SMTPD" protocol and only allow to configure with TLSv1.2 (and TLSv1.3 in future opensmtpd package); or without "security" (and without "password").
I cannot setup optional TLS, due any user access the emails without security mechanism, except TLS.
And I forced TLS on received email to reduce SPAM.
I will not change SMTPD server and set this bug as won't fix.

Thanks for reporting this problem.

	Tasks related to this task (0)

Date	User	Effort (H:M)

watch my effort tracking timers

Loading...

Keyboard shortcuts

Available keyboard shortcuts

Alt + ⇧ Shift + l Login Dialog / Logout
Alt + ⇧ Shift + a Add new task
Alt + ⇧ Shift + m My searches
Alt + ⇧ Shift + t focus taskid search

Tasklist

o open selected task
j move cursor down
k move cursor up

Task Details

n Next task
p Previous task
Alt + ⇧ Shift + e ↵ Enter Edit this task
Alt + ⇧ Shift + w watch task
Alt + ⇧ Shift + y Close Task

Task Editing

Alt + ⇧ Shift + s save task