Thunderbird and Pretty Easy Privacy - current status
sebix at sebix.at
Sat Feb 27 15:14:50 UTC 2016
On 02/27/2016 12:31 PM, Volker Birk wrote:
> If you'll have a look on p≡p's business homepage, it's this:
Thanks for pointing this out. There are so many pEp-websites out there
:) One about the product, the project and the foundation.
Your mail also addresses some issues I raised in my mail on this topic,
which I wrote before yours arrived (because of list moderation?).
> Please check the certificate. You'll see that's the Let's encrypt compromize.
> But there is a very good reason to have a CAcert for the source code: actually,
> this is one of the only concepts for X.509, which really can transport trust.
> And accessing the source code of a security relevant software is a thing where
> a MITM is a relevant attack vector.
>> It might be a sad day, but our users are not privacy oriented, bug savy or
> I'm fully agreeing to this statement. But it's sad exactly the same way, that
> the same users don't care for the source code. And if you'll have a look on
> what is using a CAcert, it's just the source code, nothing else. Everything
> where you have to just click to get it to work is using Let's encrypt – for
> the exact reason you're giving here.
>> Is P=P based on using certificates from a CA that can not get itself
>> integrated into Firefox?
> No. p≡p in no way is dependent on CAcert. Hernani is working on a whitepaper
> about how p≡p is working. We've it now in the review process. After it's ready,
> I will give a note here.
> tb-planning mailing list
> tb-planning at mozilla.org
> python programming - mail server - photo - video - https://sebix.at
> cryptographic key at https://sebix.at/DC9B463B.asc and on public keyservers
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 819 bytes
Desc: OpenPGP digital signature
More information about the tb-planning