
Re: [tor-talk] Vidalia error message with TorBirdy

anonymous coward:

> Karsten N.:
>> Latest Thunderbird versions enforce STARTTLS if it was selected. The
>> weak option "Use STARTTLS if possible" is not available any more in
>> Thunderbird. You may use IMAP with STARTTLS, if your provider does
>> not offer IMAPS.
> I changed to SSL/993 which should be fine now.
> But, with the latest discussions about Prism and stuff, how much can
> you trust the CAs in web browsers and Thunderbird, after all? Do you
> think CAs are safe from NSA's games? I would be surprised if they
> were.....

You can't really trust the CAs, at least not from state-level
attackers. And Prism seems to indicate that pretty much all traffic is
subject to recording (and later decryption?) by at least two
state-level attackers: US and UK.

> How does SSL work with IMAP in general? When I first connect to the
> IMAP server it transmits its certificate, right? Is the certificate
> then stored in Thunderbird, or will the certificate be transmitted again
> each time you connect to the IMAP server? I think, if the cert gets saved
> in the mail client, it is _some_ protection against the man in the
> middle...!?

IMAPS works by ensuring that an SSL (encrypted) connection is made
before the IMAP connection is made, therefore guaranteeing encrypted
comms. All that is visible to an observer are the IPs and ports
involved, and some information about the crypto being used.

STARTTLS means that the IMAP connection is made first and then the
session is 'upgraded' to become encrypted. This leaves encryption in
the hands of the client and therefore the server can't enforce
encryption. If I understand Karsten's email correctly then Thunderbird
with TorBirdy now enforces the encryption from the client end via
STARTTLS: this is good!

The certificate will be cached in the client, however if the cert is
changed (e.g. MitMed) then the client will accept the new one as long
as it checks out through the regular checking processes. So a MitM
which doesn't involve coercing a CA (or otherwise getting a 'valid'
certificate) should result in Thunderbird throwing a warning, but a
MitM due to a coerced CA will look fine. There are plugins for Firefox
which alert you to a change in certificates, but I'm not aware of any
for Thunderbird.
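The certificate-change alert that the post says is missing for Thunderbird can be scripted outside the client. The following is an added example, not code from the thread: it fetches the server certificate over IMAPS or over IMAP plus STARTTLS (both paths keep normal CA validation), records its SHA-256 fingerprint on first use, and reports CHANGED if a later connection presents a different certificate, which is exactly the case a coerced CA would otherwise hide. The pin file name `imap_pins.json` and the helper names are assumptions.

```python
import hashlib
import imaplib
import json
import ssl
from pathlib import Path
from typing import Optional, Tuple

# Assumption: pins live in a small local JSON file, {"host:port": "sha256hex"}.
PIN_FILE = Path("imap_pins.json")


def sha256_fingerprint(cert_der: bytes) -> str:
    """Hex SHA-256 over the DER certificate (the value Firefox/openssl show)."""
    return hashlib.sha256(cert_der).hexdigest()


def evaluate_pin(stored: Optional[str], cert_der: bytes) -> Tuple[str, str]:
    """Trust-on-first-use comparison: FIRST_USE, MATCH or CHANGED."""
    fp = sha256_fingerprint(cert_der)
    if stored is None:
        return "FIRST_USE", fp
    return ("MATCH" if stored == fp else "CHANGED"), fp


def fetch_cert(host: str, port: int, implicit_tls: bool) -> bytes:
    """Fetch the server certificate over IMAPS (993) or IMAP + STARTTLS (143).

    Both paths keep the normal CA validation; the pin check is layered on top,
    so a certificate that a coerced CA signed still shows up as CHANGED.
    """
    ctx = ssl.create_default_context()
    if implicit_tls:
        conn = imaplib.IMAP4_SSL(host, port, ssl_context=ctx)
    else:
        conn = imaplib.IMAP4(host, port)
        conn.starttls(ctx)  # raises if the server refuses to upgrade
    der = conn.socket().getpeercert(binary_form=True)
    conn.logout()
    return der


def check_server(host: str, port: int = 993, implicit_tls: bool = True) -> str:
    """Return the verdict for one server and record the pin on first use."""
    pins = json.loads(PIN_FILE.read_text()) if PIN_FILE.exists() else {}
    key = f"{host}:{port}"
    verdict, fp = evaluate_pin(pins.get(key), fetch_cert(host, port, implicit_tls))
    if verdict == "FIRST_USE":
        pins[key] = fp
        PIN_FILE.write_text(json.dumps(pins, indent=2))
    return verdict
```

Run `check_server("imap.example.net")` once to record the pin, then again from a cron job; a CHANGED verdict is worth investigating even when Thunderbird itself showed no warning.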