Closed
Bug 1457575
Opened 6 years ago
Closed 6 years ago
No error given when DH primes are too short
Categories
(Thunderbird :: Security, defect)
Tracking
(Not tracked)
RESOLVED
DUPLICATE
of bug 1187797
People
(Reporter: randy, Unassigned)
Details
User Agent: Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:59.0) Gecko/20100101 Firefox/59.0 Build ID: 20180405092205 Steps to reproduce: Fedora is tightening its security policy[0] to require 2048 bit DH primes in the upcoming Fedora 28 release. Thunderbird does not give an error message when it encounters a server with primes shorter than the crypto policy allows, which makes it difficult to debug. I hit this problem and Thunderbird didn't give any indication that there were errors, it just didn't show me e-mails from my IMAP server. It didn't even indicate that it wasn't connecting to the IMAP server. I ended up using Evolution to see that it was weak DH keys on the server. Can we get Thunderbird to give an error message when this happens? I originally reported this at https://bugzilla.mozilla.org/show_bug.cgi?id=1185060#c13 [0] https://fedoraproject.org/wiki/Changes/StrongCryptoSettings
Comment 1•6 years ago
|
||
Sounds like duplicatre of 1187797
Status: UNCONFIRMED → RESOLVED
Closed: 6 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•