Email client: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
|||
Line 10: | Line 10: | ||
* Only support 'strong' cipher suites. | * Only support 'strong' cipher suites. | ||
* Do not allow connections to servers with invalid certificates, e.g. expiry date in past. | * Do not allow connections to servers with invalid certificates, e.g. expiry date in past. | ||
Security in Python (see [https://docs.python.org/3.6/library/ssl.html#ssl-security SSL security]): | |||
import ssl | |||
context = ssl.create_default_context() | |||
context.options |= ssl.OP_NO_TLSv1 | |||
context.options |= ssl.OP_NO_TLSv1_1 | |||
== Notes == | == Notes == |
Revision as of 18:49, 2 September 2018
Language choice
Use Python for speed of development and cross-platform code.
Security
Security features include:
- Only support TLS 1.2 and higher.
- Only support 'strong' cipher suites.
- Do not allow connections to servers with invalid certificates, e.g. expiry date in past.
Security in Python (see SSL security):
import ssl context = ssl.create_default_context() context.options |= ssl.OP_NO_TLSv1 context.options |= ssl.OP_NO_TLSv1_1
Notes
- Spawn new thread to send mail asynchronously without affecting the rest of the GUI.