Re: [Evolution-hackers] ssl always/when-possible/never etc proposal

From: Jeffrey Stedfast <fejj ximian com>
To: JP Rosevear <jpr novell com>
Cc: Not Zed <notzed ximian com>, evolution-hackers ximian com
Subject: Re: [Evolution-hackers] ssl always/when-possible/never etc proposal
Date: Tue, 24 Aug 2004 14:22:20 -0400

On Tue, 2004-08-24 at 12:54 -0400, JP Rosevear wrote:
> On Tue, 2004-08-24 at 12:19 -0400, Jeffrey Stedfast wrote:
> > On Tue, 2004-08-24 at 12:12 -0400, JP Rosevear wrote:
> > > On Tue, 2004-08-24 at 10:35 +0800, Not Zed wrote:
> > > > On Mon, 2004-08-23 at 16:06 -0400, Jeffrey Stedfast wrote:
> > > > > Since there was confusion again today on the difference between
> > > > > always/whenever-possible, I guess it's a good time to bring this up.
> > > > > 
> > > > > I was thinking in the future, we could re-work the UI for the SSL
> > > > > options to look something more like this:
> > > > > 
> > > > > 
> > > > > 
> > > > > This would make the backend logic a little simpler too, because we
> > > > > would haven't try and guess which SSL method to use based on trial-
> > > > > and-error.
> > > > 
> > > > This seems very technical/meaningless, i dont even know what it means.
> > > > 
> > > > IMHO we should have SSL and TLS separated, they're different.
> > > > "whenver possible" makes absolutely zero sense technically or visibly
> > > > since it doesn't relate to what it appears to be at face value.
> > > > 
> > > > i.e. something to the effect of:
> > > > 
> > > > Security: None / TLS / SSL
> > > > 
> > > > which is what we really mean.
> > > 
> > > But you can use TLS via a secure transmission pipe or not correct?  I
> > > think we need to distinguish those two cases as well otherwise the user
> > > maybe unable to determine the level of security used via the UI.
> > 
> > if the user can't distinguish between "always" and "whenever possible",
> > then they certainly can't distinguish between TLS and SSL.
> 
> They can certainly distinguish between "secure" and "insecure" though if
> we can give them that information (the problem I'm trying to point out
> is that TLS could be either).
> 
> -JP

no, notzed's "TLS" option wouldn't work the same as "ehenevr possible"
does now. instead, what notzed is suggesting is that "TLS" would just
use STARTTLS or fail. Just like "SSL" would use the ssl port or fail.

there would be no "use it only if available" option.

both options are "use it or fail"

Jeff

-- 
Jeffrey Stedfast
Evolution Hacker - Novell, Inc.
fejj ximian com  - www.novell.com

Attachment: smime.p7s
Description: S/MIME cryptographic signature

Follow-Ups:
- Re: [Evolution-hackers] ssl always/when-possible/never etc proposal
  - From: Not Zed

References:
- [Evolution-hackers] ssl always/when-possible/never etc proposal
  - From: Jeffrey Stedfast
- Re: [Evolution-hackers] ssl always/when-possible/never etc proposal
  - From: Not Zed
- Re: [Evolution-hackers] ssl always/when-possible/never etc proposal
  - From: JP Rosevear
- Re: [Evolution-hackers] ssl always/when-possible/never etc proposal
  - From: Jeffrey Stedfast
- Re: [Evolution-hackers] ssl always/when-possible/never etc proposal
  - From: JP Rosevear

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]