Mailing List lml@lancaironline.net Message #68926
From: Ralph Love <ralphlove@stanfordalumni.org>
Sender: <marv@lancaironline.net>
Subject: Re: [LML] Yahoo
Date: Fri, 10 Jan 2014 22:51:05 -0500
To: <lml@lancaironline.net>
 Message Header

Undecoded Message
Thanks for telling us what's going on! I have missed about 3 or 4 days LDL

Sent from my iPhone

On Jan 10, 2014, at 12:19 PM, Rob Logan <Rob@Logan.com> wrote:


mail from our server is sent encrypted as much a possible, but Yahoo's new encryption
code fails to connect to ours causing email delays to yahoo and other sites hoisted by
yahoo (sbcglobal.net) for now I have turned off encrypted mail until yahoo fully
implements PFS.


--Yahoo! Mail Now Encrypted by Default
(January 9, 2014)
While Yahoo! has at last adopted default HTTPS encryption for Yahoo!
Mail, the company is facing criticism over its "failure to follow
industry best practices in rolling out" the encryption. Yahoo! has
supported full-session HTTPS since 2012, but until now, it has been an
opt-in feature. Yahoo!'s implementation of HTTPS encryption is not
consistent across servers and includes flaws that leave it vulnerable
to snooping. Yahoo!'s implementation of the encryption is missing what
is known as Perfect Forward Secrecy, which is used by Google, Microsoft,
and Twitter.
http://www.computerworld.com/s/article/9245258/Yahoo_email_encryption_standard_needs_work
http://www.theregister.co.uk/2014/01/09/yahoo_always_on_crypto_unstrong/

               Rob


--
For archives and unsub http://mail.lancaironline.net:81/lists/lml/List.html
Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster