[Evolution-hackers] "Use secure connection" confusion



I have a stupid question.

I've been converting the various address book and calendar backends to
my key-file based ESource proposal, and in several configuration dialogs
such as LDAP address books and GroupWise calendars, I see this setting
with choices in a combo box:

   Use secure connection: SSL encryption
                          TLS encryption
                          No encryption

But the backends that offer those choices all have a very different
interpretation of them:

   Use secure connection: Always
                          When Possible
                          Never

First of all, why the disparity between the combo box label (first set)
and the actual meaning (second set)?  I've never understood why I need
to choose between SSL and TLS encryption in the first place.  Changing
these combo box labels to match their actual meaning strikes me as an
obvious improvement to help clarify things, or am I missing something
that's supposed to be implied by choosing between SSL and TLS?

But before we fix that, read on.

What is the value of a "When Possible" option anyway?  The option itself
seems dangerous to begin with, especially since the UI does not indicate
whether your network connection is encrypted or not [1].  If I want an
encrypted connection, I WANT AN ENCRYPTED CONNECTION.  I can't imagine a
use case where I would say "Well, encrypt my sensitive data if you can
but otherwise go ahead and send it in the clear.  Oh, and don't bother
telling me which one you've chosen either."

But labeling the option as "TLS encryption" seems downright misleading,
and I bet it explains more than a few bugs I've seen over the years from
users that selected encryption but then found their data is still being
transmitted in the clear.

These options have a foul legacy odor to them, because newer backends
like Google and CalDAV just have a straightforward checkbox:

   [x] Use secure connection

(or [x] Use SSL or [x] Secure connection ... I'll make it consistent)

So unless I'm completely missing the value of a "When Possible" option,
could we please ditch it and just use a checkbox across the board?  It
would simplify the UI, it would simplify the GSettings schemas, it would
simplify the logic that honors it, and it would make Evolution a little
more internally consistent.


[1] Having a little lock icon next to sidebar items with encrypted
    network connections is a feature worth considering regardless.
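
The difference between "Always" and "When Possible" described in the message above, as an added example that is not part of the original post and not Evolution code. All type and function names are hypothetical, the negotiation is a constructed model rather than a real network exchange, and mapping "When Possible" to a checked checkbox is an assumption about how a migration could be done.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Legacy combo-box choices, named by what the backends actually do. */
typedef enum { SEC_NEVER, SEC_WHEN_POSSIBLE, SEC_ALWAYS } SecurityPolicy;
typedef enum { CONN_PLAINTEXT, CONN_ENCRYPTED, CONN_REFUSED } ConnResult;

/* Label -> behaviour, as paired in the post. Unknown labels fail closed. */
SecurityPolicy policy_from_label(const char *label) {
    if (strcmp(label, "No encryption") == 0) return SEC_NEVER;
    if (strcmp(label, "TLS encryption") == 0) return SEC_WHEN_POSSIBLE;
    return SEC_ALWAYS; /* "SSL encryption" and anything unrecognised */
}

/* tls_offered is what the client sees advertised (constructed model).
 * A misconfigured server or anything on the network path can make it false. */
ConnResult negotiate(SecurityPolicy policy, bool tls_offered) {
    switch (policy) {
    case SEC_NEVER:
        return CONN_PLAINTEXT;
    case SEC_WHEN_POSSIBLE: /* silent fallback: the user is never told */
        return tls_offered ? CONN_ENCRYPTED : CONN_PLAINTEXT;
    case SEC_ALWAYS:        /* fail closed: no encryption, no connection */
        return tls_offered ? CONN_ENCRYPTED : CONN_REFUSED;
    }
    return CONN_REFUSED;
}

/* Hypothetical migration to the single checkbox: every user who picked
 * some form of encryption gets the strict behaviour. */
bool checkbox_from_policy(SecurityPolicy policy) {
    return policy != SEC_NEVER;
}

ConnResult negotiate_checkbox(bool use_secure, bool tls_offered) {
    return negotiate(use_secure ? SEC_ALWAYS : SEC_NEVER, tls_offered);
}

int main(void) {
    static const char *labels[] = { "SSL encryption", "TLS encryption", "No encryption" };
    static const char *names[] = { "plaintext", "encrypted", "refused" };
    for (int i = 0; i < 3; i++) {
        SecurityPolicy p = policy_from_label(labels[i]);
        printf("%-15s offered=%-9s not offered: legacy=%-9s checkbox=%s\n",
               labels[i], names[negotiate(p, true)], names[negotiate(p, false)],
               names[negotiate_checkbox(checkbox_from_policy(p), false)]);
    }
    return 0;
}
```

The row for "TLS encryption" is the one to watch: when encryption is not offered, the legacy behaviour connects in plaintext while the checkbox behaviour refuses the connection.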


