<br><br><div class="gmail_quote">On Fri, Feb 8, 2013 at 2:55 PM, Daniele E. Domenichelli <span dir="ltr">&lt;<a href="mailto:daniele.domenichelli@gmail.com" target="_blank">daniele.domenichelli@gmail.com</a>&gt;</span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hello,<br>
<br>
As you probably already know, Dan finally implemented the TLS handler<br>
and shipped it in master.<br>
<br>
The lack of a TLS handler in 0.5 is in my opinion quite a big security<br>
bug, because in order to connect to a server with a self-signed or<br>
expired certificate you have to disable ssl error checks, and therefore<br>
the user is completely unprotected from man-in-the-middle and similar attacks.<br></blockquote><div><br></div><div>This is <b>not true</b>.</div><div><br></div><div>If we don't have a handler, MC checks the certificate itself. If it's valid it goes through; if it's invalid the channel is rejected.</div>
<div><br></div><div>The problems are:</div><div> - It uses the system certs, not KDE cert rules.</div><div> - If it's wrong we can't prompt the user.</div><div><br></div><div>To test this, simply connect to a local Prosody server without ticking "ignore ssl errors"; it blocks the connection.</div>
<div><br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
I think it is quite important to ship the TLS handler in the next 0.5<br>
series releases, for the distros that ship kde telepathy 0.5 and won't<br>
update to 0.6 when it is ready.<br>
Nonetheless there are (at least) 2 problems in this:<br>
<br>
1) The TLS handler dialogs introduce new i18n strings, that will need to<br>
be translated (this might be a problem for translators).<br>
2) The TLS handler introduces new dependencies (this might be a problem<br>
for packagers). </blockquote><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<br>
What is your opinion? Should we just ignore this problem?<br>
<br></blockquote><div> </div><div><div> I don't want to replace this with a system that we've only had for a few days and isn't as well tested as what's in MC.</div><div> </div><div>Whilst Dan's new handler is _frickin' awesome_ I think the new build dep is a serious problem, and I don't want to go round saying we had a security flaw, when we don't.</div>
</div><div><br></div><div>David</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Cheers,<br>
Daniele<br>
</blockquote></div><br>