diff options
author | Eduardo Chappa <chappa@washington.edu> | 2019-06-30 20:21:45 -0600 |
---|---|---|
committer | Eduardo Chappa <chappa@washington.edu> | 2019-06-30 20:21:45 -0600 |
commit | a094f94f7c2a1156c5ffc9cbf37cd482d5f8468f (patch) | |
tree | fbf67d075e4054de067f613dc328dc925585fc44 /pith | |
parent | abeb2c25935ef8c75f1e5deef0f81276754dc975 (diff) | |
download | alpine-a094f94f7c2a1156c5ffc9cbf37cd482d5f8468f.tar.xz |
* Update to some documentation on security using SSL, TLS and STARTTLS.
Diffstat (limited to 'pith')
-rw-r--r-- | pith/pine.hlp | 102 |
1 files changed, 99 insertions, 3 deletions
diff --git a/pith/pine.hlp b/pith/pine.hlp index 9a3752bb..9457f6fa 100644 --- a/pith/pine.hlp +++ b/pith/pine.hlp @@ -140,7 +140,7 @@ with help text for the config screen and the composer that didn't have any reasonable place to be called from. Dummy change to get revision in pine.hlp ============= h_revision ================= -Alpine Commit 352 2019-06-22 10:13:44 +Alpine Commit 353 2019-06-30 20:21:37 ============= h_news ================= <HTML> <HEAD> @@ -1690,6 +1690,13 @@ a folder-collection, or a news or SMTP server). This will disable certificate validation. On the other hand, if you are attacked, you will get no warning if you do this. +<P> When you get a error indicating a self-signed certficate from the +remote server, you can download and install the certificate for that +server. Avoid using the /NoValidate-Cert modifier. Alpine cannot help you +with this process because certificates are part of the system and are not +under the control of the user. Find directions on how to download and +install certificates for your system using your favorite search engine. + <P> <End of Cert Validation Failures help> </BODY> @@ -20867,7 +20874,8 @@ If that fails then a non-encrypted connection will be attempted instead. This is a unary parameter indicating communication with the server must take place over a TLS connection. If the attempt to use TLS fails then this parameter will cause the connection to fail instead of falling -back to an unsecure connection. +back to an unsecure connection. <A href="h_security_considerations">Learn more</A> +about security considerations when you use this option. <P> <CENTER><SAMP>/tls</SAMP></CENTER> @@ -20988,7 +20996,8 @@ It indicates that the connection should be made to the Submit server (<A HREF="http://www.ietf.org/rfc/rfc2476.txt">RFC 3676</A>) (port 587) instead of the SMTP port (25). At the time this help was written the submit option was equivalent to -specifying port 587. +specifying port 587. <A href="h_security_considerations">Learn more</A> +about security considerations when you use this option. <P> <CENTER><SAMP>/submit</SAMP></CENTER> @@ -21093,6 +21102,93 @@ specification by concatenating the parameters. For example: <End of help on this topic> </BODY> </HTML> +======= h_security_considerations ======= +<HTML> +<HEAD> +<TITLE>SSL, TLS, STARTTLS and More Security Considerations</TITLE> +</HEAD> +<BODY> +<H1>SSL, TLS, STARTTLS and More Security Considerations</H1> + +The purpose of this text is to educate users on how to best choose +the type of security connection to a remote server using the SSL and TLS +encryption protocols. + +<P> +In the past, and when Alpine originally started to support encrypted connections +to remote servers, the /ssl modifier was needed, and it meant any of the SSLv2 +or SSLv3 protocols. Those encryption protocols are considered not fully secure +anymore, and in fact, you might not be able to use them anymore. + +<P> Today the /ssl modifier means to use the most secure encryption +protocol between your version of Alpine and what the server supports. This +might mean more modern protocols, such as TLS 1.0, TLS 1.1, etc. As of +this writing, Alpine supports connection using TLS 1.3. These protocols +are considered more secure today and they should be preferred over the old +SSL protocols. + +<P> A source of confusion for Alpine users might be the meaning of the +modifier /tls with respect to the names of the encryption protocols, such +as TLS 1.2. The meaning of /tls is to start an encrypted connection to a +server after an insecure connection has been established, and we will +discuss this later in this help text. + +<P>The best way to start an encrypted connection to a server is to use the +/ssl modifier. If your provider allows encrypted connections on port 993 +for IMAP, or port 995 for POP3, or in port 465 for SMTP, just define your +server by adding the /ssl modifier and do not add the port to the server. +Alpine knows that the secure connection will be done in the correct port, +and will use the most secure encryption available between Alpine and the +server. You only need to use the port number when it is different from the +default port numbers for this type of connections, and those were given +above. + +<P>Most email service providers identify secure connections by saying +"SSL or TLS". In this case, use the /ssl modifier, and only use +the port number in case it is different to the ones above. + +<P>If your service provider says to use STARTTLS, then you need to use the +/tls modifier. If your service provider gives you the option to use SSL or +TLS and to use STARTTLS choose the secure port and choose the /ssl +modifier. This is because connections using the /tls modifier can be +attacked and your username and password can be stolen by a hacker. The next +paragraph describes in short how to do this. + +<P> When you use the /tls modifier, Alpine connects insecurely to the +remote server. Because the connection is insecure, it is possible that you +connect to a different server, which connects you to the real server. This +is called "man-in-the-middle" attack, and so your communication +will pass through the hackers computer before it reaches the real target. +An example of a possible man-in-the-middle is your internet service provider, +or your employer in some instances. +This means that the hacker can modify the replies from the correct server +and give you the illusion of security before you are actually connected to +the secure server. Therefore, you might disclose your username and +password to the hacker before you establish a secure connection to the correct +server. + +<P> Therefore, if possible avoid using STARTTLS (for IMAP and POP) or SUBMIT +for SMTP (in port 587), as these are subject to attack. If possible +ask your provider for secure connections for SSL or TLS in the secure ports +993 for IMAP, 995 for POP or 465 for SMTP. + +<P> In the current state, even as of TLS 1.3, these protocols are considered +secure but they do not protect your privacy. For example your internet +service provider might track to which servers you are connecting securely. +Encryption protocols are evolving to not only protect the security of your +data, but also your privacy. + +<P> Other type of errors can lead to insecure connections. An example is +when the name of the server as provided by the user does not match the +name of the name of the server in the certificate. +<A href="h_tls_validation_failure">Read more</A> about security errors +of this type and learn how to protect yourself against this type of +errors. + +<P> +<End of help on this topic> +</BODY> +</HTML> ======= h_composer_cntxt_server ======= <HTML> <HEAD> |