Control: tag -1 + help

Hi intrigeri,

On Tue, Nov 18, 2014 at 02:42:30PM +0100, intrigeri wrote:
> Control: retitle -1 SSL handshakes fails when talking to ISPs with a strict 
> cipher suite
> Control: tag -1 + moreinfo
> 
> Hi,
> 
> Ricardo Mones wrote (03 Nov 2014 22:58:15 GMT) :
> > On Mon, 03 Nov 2014 21:53:05 +0400
> > randomnoize <[email protected]> wrote:
> 
> >> Riseup.net doesn't use STARTTLS, SSL for POP3/IMAP only, and that option
> >> can't be selected from current version of claws-mail
> 
> Actually, the bug title is wrong: Claws Mail from Wheezy works fine
> with IMAP providers that have disabled SSLv2 and SSLv3. However, it
> isn't able to negotiate a shared cipher if the ISP has a strict
> ciphers list, e.g. if they have "!SHA1".

OK, thanks for the correction. Is this only found in wheezy?
IOW, is current jessie/sid version able to negotiate with such servers?
Because I don't remember any fix related to that...

> > Anyway, since you already know this is already fixed in a newer version like
> > current testing, what's your expected result from this bug report?
> 
> The Internet is a moving target, and users may expect that software
> shipped in Debian stable is adjusted, whenever needed, to go on
> inter-operating with other parties who have made sensible security
> decisions. In practice, not doing that on the client site effectively
> blocks some other ISPs from making the security decisions that would
> be appropriate.
> 
> Of course, maintainers' time may be scarce, they might not be willing
> to prioritize what's already in Debian stable, and the effort needed
> to get the needed updates in stable can sometimes be overwhelming.
> If that's the case, IMO a bug report like this very one is useful to
> document the (known) problem, and to make others aware that the
> maintainers are not willing or able to deal with it in stable.
> 
> So, if you, as the maintainer, are not willing / able to deal with
> this problem in stable, I suggest you tag this bug "help"... and
> perhaps give us some pointers wrt. what you expect may be hard in
> dealing with it :)

At this point of the release cycle I'm afraid my priority is next stable,
not the current. And, yes my time is limited, but I can sponsor a stable
upload for next point release if someone is willing and has the time to
fix this for wheezy.

Anyway, if tagging the bug help helps, so it be :)

Since I don't remember fixes related to cyphers, I cannot give you much
pointers, except the poodle related fixes which are clearly visible in
git log's comments: 

http://git.claws-mail.org/?p=claws.git;a=commit;h=c6dc3e22
http://git.claws-mail.org/?p=claws.git;a=commit;h=c556bad4
http://git.claws-mail.org/?p=claws.git;a=commit;h=86c33788

Not sure even if these are relevant to the problem you describe.

Thanks,
-- 
  Ricardo Mones 
  ~
  Absence of evidence is not evidence of absence.          Carl Sagan

Attachment: signature.asc
Description: Digital signature

Reply via email to