Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.sys.raspberry-pi > #9450 > unrolled thread
| Started by | Unknown <dog@gmail.com> |
|---|---|
| First post | 2015-08-19 03:55 +0000 |
| Last post | 2015-08-19 13:38 +0000 |
| Articles | 2 — 2 participants |
Back to article view | Back to comp.sys.raspberry-pi
This discussion starts older than the indexed window; earlier articles aren't shown. The article labeled Started by
below is the oldest one visible, not the original post.
Re: Why can't RPi email? Unknown <dog@gmail.com> - 2015-08-19 03:55 +0000
Re: Why can't RPi email? Joe Beanfish <joebeanfish@nospam.duh> - 2015-08-19 13:38 +0000
| From | Unknown <dog@gmail.com> |
|---|---|
| Date | 2015-08-19 03:55 +0000 |
| Subject | Re: Why can't RPi email? |
| Message-ID | <pan.2015.08.19.03.59.07@gmail.com> |
On Fri, 31 Jul 2015 19:25:12 +0000, Martin Gregorie wrote: > On Fri, 31 Jul 2015 17:06:22 +0000, Frank Miles wrote: > >> This is on a new RPi-2 with a Edimax (realtek) wifi device. Raspbian >> with all updates. >> > When was your last update? > >> The one possible questionable message is in /var/log/mail.info, it has >> lines indicating that SSL connection is attempting to use >> RSA_ARCFOUR_SHA1. Is that what it should be using? >> > A number of SSL encryption standards have recently been deprecated > recently because they're fundamentally broken and, as a result, are > being removed. This is why you may have also seen HTTPS connection > refusals if you're using the latest Firefox version: its the same thing. > > If you, as the client end (still using a deprecated cypher), try to open > an encrypted connection to a server that no longer supports that cypher, > then you'll get the connection request refused with that type of > rejection. > > Unless you're an SSL maven about all you can do is update your RPi and, > if the problem is still there, raise a bug with the the RPi sendmail > maintainers. > > The same thing can also bite you the other way round: I had a problem > last week when Firefox 39.0, which no longer supports the deprecated > cypher, got its https connection refused by a government server[1] which > *only* supported the deprecated cypher. I fired up an old version of > Opera (12.16), guessing that used the deprecated cypher. It did, and I > was able to use it to do the job. I also raised a bug with the server > admins, who are on the case and seemed happy to get the heads-up, but > are taking their time to get the change made (probably due to the > bureaucratic faff that impacts any changes made to a government or > banking server). > > [1] a helpful bunch of sysadmins, so no names, no pack drill except > to say it isn't a UK Government server The original RFCs for eg. email were nice and simple. Then they introduced <sender authenticate> which wasn't a problem to extend the code to handle. But this SSL?TLS is a whole extra dark-layer and I can't find out how to test it decoupled/separate from the old familiar code. We DIY enthusiasts are getting squeezed out, by big commercial interests. Everything seems to be going httpS !
[toc] | [next] | [standalone]
| From | Joe Beanfish <joebeanfish@nospam.duh> |
|---|---|
| Date | 2015-08-19 13:38 +0000 |
| Message-ID | <mr20rq$ieu$2@dont-email.me> |
| In reply to | #9450 |
On Wed, 19 Aug 2015 03:55:09 +0000, Unknown wrote: > The original RFCs for eg. email were nice and simple. > Then they introduced <sender authenticate> which wasn't a problem to > extend the code to handle. But this SSL?TLS is a whole extra dark-layer > and I can't find out how to test it decoupled/separate from the old > familiar code. > > We DIY enthusiasts are getting squeezed out, by big commercial > interests. > Everything seems to be going httpS ! Nope, not commercial interests, criminals. Just like in real life the more criminals there are the more security is needed. More security generally involves more inconvenience and expense for the defenders. It's a never ending escalation on both sides which makes it hard for the DIY to keep up.
[toc] | [prev] | [standalone]
Back to top | Article view | comp.sys.raspberry-pi
csiph-web