Email client: Difference between revisions

From Rixort Wiki
Jump to navigation Jump to search
No edit summary
Line 10: Line 10:
* Only support 'strong' cipher suites.
* Only support 'strong' cipher suites.
* Do not allow connections to servers with invalid certificates, e.g. expiry date in past.
* Do not allow connections to servers with invalid certificates, e.g. expiry date in past.
Security in Python (see [https://docs.python.org/3.6/library/ssl.html#ssl-security SSL security]):
import ssl
context = ssl.create_default_context()
context.options |= ssl.OP_NO_TLSv1
context.options |= ssl.OP_NO_TLSv1_1


== Notes ==
== Notes ==

Revision as of 18:49, 2 September 2018

Language choice

Use Python for speed of development and cross-platform code.

Security

Security features include:

  • Only support TLS 1.2 and higher.
  • Only support 'strong' cipher suites.
  • Do not allow connections to servers with invalid certificates, e.g. expiry date in past.

Security in Python (see SSL security):

import ssl
context = ssl.create_default_context()
context.options |= ssl.OP_NO_TLSv1
context.options |= ssl.OP_NO_TLSv1_1

Notes

  • Spawn new thread to send mail asynchronously without affecting the rest of the GUI.