summaryrefslogtreecommitdiff
path: root/pith
diff options
context:
space:
mode:
authorEduardo Chappa <chappa@washington.edu>2019-06-30 20:21:45 -0600
committerEduardo Chappa <chappa@washington.edu>2019-06-30 20:21:45 -0600
commita094f94f7c2a1156c5ffc9cbf37cd482d5f8468f (patch)
treefbf67d075e4054de067f613dc328dc925585fc44 /pith
parentabeb2c25935ef8c75f1e5deef0f81276754dc975 (diff)
downloadalpine-a094f94f7c2a1156c5ffc9cbf37cd482d5f8468f.tar.xz
* Update to some documentation on security using SSL, TLS and STARTTLS.
Diffstat (limited to 'pith')
-rw-r--r--pith/pine.hlp102
1 files changed, 99 insertions, 3 deletions
diff --git a/pith/pine.hlp b/pith/pine.hlp
index 9a3752bb..9457f6fa 100644
--- a/pith/pine.hlp
+++ b/pith/pine.hlp
@@ -140,7 +140,7 @@ with help text for the config screen and the composer that didn't have any
reasonable place to be called from.
Dummy change to get revision in pine.hlp
============= h_revision =================
-Alpine Commit 352 2019-06-22 10:13:44
+Alpine Commit 353 2019-06-30 20:21:37
============= h_news =================
<HTML>
<HEAD>
@@ -1690,6 +1690,13 @@ a folder-collection, or a news or SMTP server). This will
disable certificate validation. On the other hand, if you are attacked,
you will get no warning if you do this.
+<P> When you get a error indicating a self-signed certficate from the
+remote server, you can download and install the certificate for that
+server. Avoid using the /NoValidate-Cert modifier. Alpine cannot help you
+with this process because certificates are part of the system and are not
+under the control of the user. Find directions on how to download and
+install certificates for your system using your favorite search engine.
+
<P>
&lt;End of Cert Validation Failures help&gt;
</BODY>
@@ -20867,7 +20874,8 @@ If that fails then a non-encrypted connection will be attempted instead.
This is a unary parameter indicating communication with the server must
take place over a TLS connection. If the attempt to use TLS fails then
this parameter will cause the connection to fail instead of falling
-back to an unsecure connection.
+back to an unsecure connection. <A href="h_security_considerations">Learn more</A>
+about security considerations when you use this option.
<P>
<CENTER><SAMP>/tls</SAMP></CENTER>
@@ -20988,7 +20996,8 @@ It indicates that the connection should be made to the Submit server
(<A HREF="http://www.ietf.org/rfc/rfc2476.txt">RFC 3676</A>)
(port 587) instead of the SMTP port (25).
At the time this help was written the submit option was equivalent to
-specifying port 587.
+specifying port 587. <A href="h_security_considerations">Learn more</A>
+about security considerations when you use this option.
<P>
<CENTER><SAMP>/submit</SAMP></CENTER>
@@ -21093,6 +21102,93 @@ specification by concatenating the parameters. For example:
&lt;End of help on this topic&gt;
</BODY>
</HTML>
+======= h_security_considerations =======
+<HTML>
+<HEAD>
+<TITLE>SSL, TLS, STARTTLS and More Security Considerations</TITLE>
+</HEAD>
+<BODY>
+<H1>SSL, TLS, STARTTLS and More Security Considerations</H1>
+
+The purpose of this text is to educate users on how to best choose
+the type of security connection to a remote server using the SSL and TLS
+encryption protocols.
+
+<P>
+In the past, and when Alpine originally started to support encrypted connections
+to remote servers, the /ssl modifier was needed, and it meant any of the SSLv2
+or SSLv3 protocols. Those encryption protocols are considered not fully secure
+anymore, and in fact, you might not be able to use them anymore.
+
+<P> Today the /ssl modifier means to use the most secure encryption
+protocol between your version of Alpine and what the server supports. This
+might mean more modern protocols, such as TLS 1.0, TLS 1.1, etc. As of
+this writing, Alpine supports connection using TLS 1.3. These protocols
+are considered more secure today and they should be preferred over the old
+SSL protocols.
+
+<P> A source of confusion for Alpine users might be the meaning of the
+modifier /tls with respect to the names of the encryption protocols, such
+as TLS 1.2. The meaning of /tls is to start an encrypted connection to a
+server after an insecure connection has been established, and we will
+discuss this later in this help text.
+
+<P>The best way to start an encrypted connection to a server is to use the
+/ssl modifier. If your provider allows encrypted connections on port 993
+for IMAP, or port 995 for POP3, or in port 465 for SMTP, just define your
+server by adding the /ssl modifier and do not add the port to the server.
+Alpine knows that the secure connection will be done in the correct port,
+and will use the most secure encryption available between Alpine and the
+server. You only need to use the port number when it is different from the
+default port numbers for this type of connections, and those were given
+above.
+
+<P>Most email service providers identify secure connections by saying
+&quot;SSL or TLS&quot;. In this case, use the /ssl modifier, and only use
+the port number in case it is different to the ones above.
+
+<P>If your service provider says to use STARTTLS, then you need to use the
+/tls modifier. If your service provider gives you the option to use SSL or
+TLS and to use STARTTLS choose the secure port and choose the /ssl
+modifier. This is because connections using the /tls modifier can be
+attacked and your username and password can be stolen by a hacker. The next
+paragraph describes in short how to do this.
+
+<P> When you use the /tls modifier, Alpine connects insecurely to the
+remote server. Because the connection is insecure, it is possible that you
+connect to a different server, which connects you to the real server. This
+is called &quot;man-in-the-middle&quot; attack, and so your communication
+will pass through the hackers computer before it reaches the real target.
+An example of a possible man-in-the-middle is your internet service provider,
+or your employer in some instances.
+This means that the hacker can modify the replies from the correct server
+and give you the illusion of security before you are actually connected to
+the secure server. Therefore, you might disclose your username and
+password to the hacker before you establish a secure connection to the correct
+server.
+
+<P> Therefore, if possible avoid using STARTTLS (for IMAP and POP) or SUBMIT
+for SMTP (in port 587), as these are subject to attack. If possible
+ask your provider for secure connections for SSL or TLS in the secure ports
+993 for IMAP, 995 for POP or 465 for SMTP.
+
+<P> In the current state, even as of TLS 1.3, these protocols are considered
+secure but they do not protect your privacy. For example your internet
+service provider might track to which servers you are connecting securely.
+Encryption protocols are evolving to not only protect the security of your
+data, but also your privacy.
+
+<P> Other type of errors can lead to insecure connections. An example is
+when the name of the server as provided by the user does not match the
+name of the name of the server in the certificate.
+<A href="h_tls_validation_failure">Read more</A> about security errors
+of this type and learn how to protect yourself against this type of
+errors.
+
+<P>
+&lt;End of help on this topic&gt;
+</BODY>
+</HTML>
======= h_composer_cntxt_server =======
<HTML>
<HEAD>