Author aclover
Recipients aclover
Date 2014-02-25.18:35:02
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1393353302.45.0.453637573784.issue20770@psf.upfronthosting.co.za>
In-reply-to
Content
This could potentially be considered a security issue as it would allow a MitM attacker to sabotage the STARTTLS and get the rest of the content in the clear.

I don't personally consider it too serious as I doubt anyone is (a) relying on the security of this for lowly mail and (b) has the rest of the context stuff set up to validate the TLS connection properly anyhow, but there's an argument for sec bug.
History
Date User Action Args
2014-02-25 18:35:02acloversetrecipients: + aclover
2014-02-25 18:35:02acloversetmessageid: <1393353302.45.0.453637573784.issue20770@psf.upfronthosting.co.za>
2014-02-25 18:35:02acloverlinkissue20770 messages
2014-02-25 18:35:02aclovercreate