On Wed, 6 Mar 2019 04:11:41 +0100
Matija Nalis <mnalis-debian...@voyager.hr> wrote:

...

> "Severity: important" would indicate that package is just one small
> step away from "rendering it completely unusable to everyone", which

According to the documentation, "important" denotes:

"a bug which has a major effect on the usability of a package, without
rendering it completely unusable to everyone."

I would say that misleading the user about certificate
verification should be considered "a major effect on the usability of
[the] package", but I think we've beaten this horse to death, so I defer
to your judgment.

> looks too harsh to me in this case (as in many cases ssmtp is used
> only for non-TLS plaintext SMTP delivery on LAN from satellite
> machines to main MTA, which would then speak TLS to outside world
> etc.)
> 
> "Severity: wishlist" however (as opposed to "normal") subtly
> indicates that there is some functionality that is *missing*, and
> that someone needs to think it over and write it, and that it might
> be a more complicated task and probably not a one-line fix (and thus
> it would probably be left to upstream to fix it, as Debian maintainer in
> most cases won't be fixing it h[im/er]self unless upstream is dead
> and someone else provides a verified good patch). It also indicates
> it might be due to design decisions, like here.
> 
> I do agree completely with you that package should strongly indicate
> in its docs and description about its TLS deficiencies. If someone
> would write such a documentation patch, perhaps it might have a
> chance to be included.

I'll try to write something and submit it here.

> [ As a side note, even with certificate checking in place there are a
> lot of problems in today's "zillion untrusted CAs which we trust
> anyway" security model, and even more so if you move from web
> world (where clients try to be secure, and even people might
> sometimes check basic credentials) to unattended MTA world where
> almost nobody does, and vast majority of MTAs will simply by
> default silently downgrade to plaintext if they think anything
> might be problematic with TLS support etc. ]

Celejar
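The two failure modes the thread describes, a client that does not verify the server certificate and an MTA that silently downgrades to plaintext when TLS looks problematic, have a fail-closed counterpart. The following is an added example written for this page, not code from ssmtp or from anyone in the thread: a small SMTP submission client built on Python's standard `smtplib` and `ssl` that requires the server to advertise STARTTLS, verifies the certificate chain and hostname, and raises instead of sending in the clear. The EHLO replies are constructed samples, and `smtp.example.test` is a placeholder hostname.

```python
import smtplib
import ssl

# Constructed sample EHLO reply bodies in the shape smtplib.SMTP.ehlo()
# returns them (bytes, greeting line first, then one capability per line).
# Not captured from any real server.
EHLO_WITH_STARTTLS = b"smtp.example.test Hello\nSIZE 35882577\nSTARTTLS\n8BITMIME\n"
EHLO_WITHOUT_STARTTLS = b"smtp.example.test Hello\nSIZE 35882577\n8BITMIME\n"


class PlaintextRefused(RuntimeError):
    """Raised when the only available delivery path would be unencrypted."""


def strict_tls_context(cafile=None):
    """Build a context that rejects an unverifiable chain or a hostname mismatch.

    cafile is optional; None means the platform's default trust store.
    """
    ctx = ssl.create_default_context(cafile=cafile)
    ctx.check_hostname = True               # name in the cert must match host
    ctx.verify_mode = ssl.CERT_REQUIRED     # an unverifiable chain aborts the handshake
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def context_is_strict(ctx):
    """True iff ctx enforces both chain verification and hostname checking."""
    return ctx.check_hostname and ctx.verify_mode == ssl.CERT_REQUIRED


def advertises_starttls(ehlo_message):
    """Parse an EHLO reply body; True iff STARTTLS is among the capabilities."""
    lines = ehlo_message.decode("ascii", "replace").splitlines()
    # lines[0] is the server greeting; the rest are capability keywords
    return any(
        line.split()[0].upper() == "STARTTLS"
        for line in lines[1:]
        if line.strip()
    )


def deliver(host, msg, port=587, cafile=None, smtp_factory=smtplib.SMTP):
    """Submit msg (an email.message.Message) over a verified TLS session only.

    There is deliberately no except clause that retries in plaintext: if
    STARTTLS is missing or the certificate fails verification, delivery
    fails and the caller finds out.
    """
    with smtp_factory(host, port, timeout=30) as s:
        code, ehlo_msg = s.ehlo()
        if code != 250:
            raise RuntimeError(f"EHLO rejected with {code}")
        if not advertises_starttls(ehlo_msg):
            raise PlaintextRefused(f"{host} does not offer STARTTLS; not sending")
        # ssl.SSLCertVerificationError propagates from here on a bad cert
        s.starttls(context=strict_tls_context(cafile))
        s.ehlo()  # capabilities must be re-read after the upgrade
        s.send_message(msg)


if __name__ == "__main__":
    print("STARTTLS offered:", advertises_starttls(EHLO_WITH_STARTTLS))
    print("STARTTLS offered:", advertises_starttls(EHLO_WITHOUT_STARTTLS))
    print("context strict:", context_is_strict(strict_tls_context()))
```

`smtplib.SMTP.starttls()` already raises `SMTPNotSupportedError` when STARTTLS is absent, but the explicit capability check above makes the policy visible and gives the operator a distinct error to alert on. Running the module by itself only exercises the parser and the context builder; `deliver()` needs a real submission server.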
