Fwd: Intent to unship: TLS 1.0 and TLS 1.1
kaie at kuix.de
Tue Sep 17 12:12:45 UTC 2019
On 13.09.19 22:01, Rob Lemley wrote:
> I was able to pull some info from Censys:
Thanks Rob, that's very helpful information.
How about we show a notification bar when reading email from an
IMAP/POP3 server, that doesn't support TLS 1.2?
Maybe once per session per server: "The server you're accessing doesn't
support modern transport security: $hostname"
Same could be done after sending an email, in the main mail window, once
per session per server: "Your email was sent through a gateway that
doesn't support modern transport security: $hostname"
That would raise awareness, and make it easier to disable by default in
a future version.
Thoughts about this idea?
Because that requires UI and strings, I'm not sure if this could be done
in a Thunderbird 68.x point release.
If Thunderbird summer 2020 is the first version that displays such
warnings, we'd probably have to postpone disabling by default to a later
More information about the tb-planning