[ksmtp] [Bug 394770] New: STARTTLS is restricted to TLS 1.0

Sun May 27 22:43:18 BST 2018

https://bugs.kde.org/show_bug.cgi?id=394770

            Bug ID: 394770
           Summary: STARTTLS is restricted to TLS 1.0
           Product: ksmtp
           Version: unspecified
          Platform: Other
                OS: Linux
            Status: UNCONFIRMED
          Severity: normal
          Priority: NOR
         Component: general
          Assignee: kdepim-bugs at kde.org
          Reporter: joerg.kde at thalheim.io
  Target Milestone: ---

KSmtp makes the assumption that TLSv1 is equal to STARTTLS

https://github.com/KDE/ksmtp/commit/e83911f9d1963b5e7181932960f999f331b4a5f9#commitcomment-29146023

This is incorrect as STARTTLS is independent from the protocol version used for
cryptography.
In turn it is not possible to use newer TLS version such as v1.1 or v1.2.
Also it is not possible to use TLS 1.0 on ports without STARTTLS.

A workaround at the moment is to enable smtps (smtp without STARTTLS) on a
different port to allow modern TLS version.

When fixing this issue, please also consider renaming SSL to SSL/TLS
and the current TLS option to STARTTLS in the encryption selection of Kmail.
This creates less confusion and follows other email clients such as
Thunderbird.

This bug is related to the same limitation in KImap tracked in:
https://bugs.kde.org/show_bug.cgi?id=394769

-- 
You are receiving this mail because:
You are the assignee for the bug.