[dovecot] Re: Some experiences

Amelia A.Lewis amyzing at talsever.com
Sun Jan 5 07:30:32 EET 2003


On Sat, 04 Jan 2003 21:05:48 -0800 Jesse Peterson
<jpeterson275 at attbi.com> wrote:

> Amelia A.Lewis wrote:
> > It turns out that digest-md5 support for clients is, well, not very
> > widespread.  I expect this box to be used by various windoze
> > clients, eventually, and while I'm willing to lay down the law a
> > little, I can't find enough digest-md5 support to lay down that law.
> >  So, regretfully, I abandoned that plan.  This kinda bothers me,
> >  since I think TLS/STARTTLS is absolutely the *wrong* solution for
> >  mailbox access (or for anything that deals with a store-and-forward
> >  transport).
> 
> Not to be confrontational at all, but I'm very curious as to why you 
> have such an aversion to SSL/TLS for IMAP access?  I think actually an 
> entirely encrypted transport for something as (possibly sensitive)
> email is a good thing.

That's exactly why.

TLS doesn't secure email.  It secures this particular transaction over
IMAP.  Worse, from my particular perspective, it's the preferred
solution to secure authentication, which means that lighter-weight
solutions that protect only the authentication secret are much less
available.

TLS also tends to be associated with ecommerce, and the famous (or
possibly notorious) lock icon.  It has a widespread connotation of
comfortable security which, of course, IMAP+TLS alone cannot by any
means actually guarantee.

My particular installation is supposed to protect the authentication
secret, only, because I don't want someone using the system to think "my
email is secure" because it runs over a TLS session.  It isn't.

Secure email means end-to-end, an agreement between the people who are
exchanging it and a willingness to encrypt (and usually to store
encrypted).  I dislike the impression given by TLS that it's a magical
solution to the problem of security (which one hears from programmers
that ought to know better, btw ... create an insecure system, and answer
questions about security with "anyone worried about it can use SSL!").

But we're off topic, I think, and I'm ranting, because I ended up
needing to use the heavyweight solution as client support for the
solutions I prefer doesn't seem to be out there.  Which is prolly why I
made the snide and unnecessary remarks in the first place.

Amy!
-- 
Amelia A. Lewis                    amyzing {at} talsever.com
  Light is the left hand of darkness
  and darkness the right hand of light.
    Two are one, life and death, lying
    together like lovers in kemmer,
      like hands joined together,
      like the end and the way.
        -- Tormer's Lay [Ursula K. Le Guin, "The Left Hand of Darkness"]
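As an added illustration of the distinction Amy draws above, between securing the whole transaction and protecting only the authentication secret, the following Python is not part of this thread or of Dovecot. It works through the SASL DIGEST-MD5 (RFC 2831) challenge/response for the "auth" quality of protection, using the worked example from that RFC (user chris, realm elwood.innosoft.com, password secret, nonces as printed there). The server keeps only H(user:realm:password) and the password itself never crosses the wire; everything after the AUTHENTICATE exchange is still plaintext IMAP, which is exactly why the mechanism protects the secret and nothing else. Function names such as `client_response` and `server_verify` are my own.

```python
import hashlib
import hmac


def _h(data: bytes) -> bytes:
    """RFC 2831 H(): raw 16-byte MD5."""
    return hashlib.md5(data).digest()


def _hex_h(data: bytes) -> str:
    """RFC 2831 HEX(H()): lowercase hex MD5."""
    return hashlib.md5(data).hexdigest()


def _kd(key: str, s: str) -> str:
    """RFC 2831 KD(k, s) = HEX(H(k ":" s))."""
    return _hex_h(f"{key}:{s}".encode())


def stored_secret(username: str, realm: str, password: str) -> bytes:
    """What the server may store instead of the password: H(user:realm:pass)."""
    return _h(f"{username}:{realm}:{password}".encode())


def _a1_hex(secret: bytes, nonce: str, cnonce: str) -> str:
    # A1 = H(user:realm:pass) ":" nonce ":" cnonce (no authzid); raw bytes, then hex MD5
    return _hex_h(secret + f":{nonce}:{cnonce}".encode())


def _digest(secret: bytes, nonce: str, nc: str, cnonce: str, qop: str, a2: bytes) -> str:
    # response-value = HEX(KD(HEX(H(A1)), nonce ":" nc ":" cnonce ":" qop ":" HEX(H(A2))))
    return _kd(_a1_hex(secret, nonce, cnonce), f"{nonce}:{nc}:{cnonce}:{qop}:{_hex_h(a2)}")


def client_response(username: str, realm: str, password: str, nonce: str,
                    cnonce: str, nc: str, digest_uri: str, qop: str = "auth") -> str:
    """Client side: the 'response' directive for qop=auth (A2 = "AUTHENTICATE:" uri)."""
    secret = stored_secret(username, realm, password)  # client derives it from the password
    return _digest(secret, nonce, nc, cnonce, qop, f"AUTHENTICATE:{digest_uri}".encode())


def server_verify(secret: bytes, nonce: str, cnonce: str, nc: str, digest_uri: str,
                  response: str, qop: str = "auth"):
    """Server side: needs only the stored hash. Returns rspauth on success, None on failure."""
    expected = _digest(secret, nonce, nc, cnonce, qop, f"AUTHENTICATE:{digest_uri}".encode())
    if not hmac.compare_digest(expected, response):
        return None
    # rspauth uses A2 = ":" uri, proving to the client that the server knows the secret too
    return _digest(secret, nonce, nc, cnonce, qop, f":{digest_uri}".encode())


def run_exchange():
    """Replays the RFC 2831 IMAP example; returns (client wire message, rspauth or None)."""
    user, realm, password = "chris", "elwood.innosoft.com", "secret"
    nonce, cnonce, nc = "OA6MG9tEQGm2hh", "OA6MHXh6VqTrRk", "00000001"
    uri = "imap/elwood.innosoft.com"
    response = client_response(user, realm, password, nonce, cnonce, nc, uri)
    wire = (f'charset=utf-8,username="{user}",realm="{realm}",nonce="{nonce}",nc={nc},'
            f'cnonce="{cnonce}",digest-uri="{uri}",response={response},qop=auth')
    # The server looks up H(user:realm:pass) for 'chris'; it never handles 'secret'.
    rspauth = server_verify(stored_secret(user, realm, password), nonce, cnonce, nc, uri, response)
    return wire, rspauth


if __name__ == "__main__":
    wire, rspauth = run_exchange()
    print("C:", wire)
    print("S: rspauth=" + (rspauth or "<rejected>"))
    print("password on the wire:", "secret" in wire)
    # After this point the IMAP session (and every message body) is ordinary plaintext.
```

The server's check succeeds with nothing but the stored hash, so a captured exchange yields a one-time response tied to both nonces rather than the password. That is the whole guarantee: the mailbox contents that follow are as exposed as they would be with a plaintext LOGIN.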