protonmail github addition discussion #2278
Labels
No Label
🔍🤖 Search Engines
approved
dependencies
duplicate
feedback wanted
high priority
I2P
iOS
low priority
OS
Self-contained networks
Social media
stale
streaming
todo
Tor
WIP
wontfix
XMPP
[m]
₿ cryptocurrency
ℹ️ help wanted
↔️ file sharing
⚙️ web extensions
✨ enhancement
❌ software removal
💬 discussion
🤖 Android
🐛 bug
💢 conflicting
📝 correction
🆘 critical
📧 email
🔒 file encryption
📁 file storage
🦊 Firefox
💻 hardware
🌐 hosting
🏠 housekeeping
🔐 password managers
🧰 productivity tools
🔎 research required
🌐 Social News Aggregators
🆕 software suggestion
👥 team chat
🔒 VPN
🌐 website issue
🚫 Windows
👁️ browsers
🖊️ digital notebooks
🗄️ DNS
🗨️ instant messaging (im)
🇦🇶 translations
No Milestone
No Assignees
1 Participants
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: privacyguides/privacytools.io#2278
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
i am unable to find discussion about protonmail. where is it?
"Software Suggestion | ctemplar" which taugt a lot of things.
i am wondering why it is still supporting tls 1.0 & 1.1
It was added a long time, ago. The discussion would have been in the re-vamp PR https://github.com/privacytools/privacytools.io/pull/1672
They do, but there is a server suite preference so, unless the remote email server talks nothing else, it will use newer: https://www.hardenize.com/report/protonmail.com/1620012644#email_tls
@dngray
unless the remote email server talks nothing else
no comments (i have zero knowledge here)but Content Security Policy
Feature not implemented or disabled. Your server doesn't support this feature.
this is worrying me.https://mail.protonmail.com/login
has a CSP@rusty-snake login is only important? all other things unimportant?
Every page of
https://mail.protonmail.com/
I tested (login, inbox, create/new) has a csp.Every page of
https://protonmail.com/
I tested (like blog) has no csp.AV
https://mail.protonmail.com/
: High, untrusted (but sanitized) HTML/CSS of emailAV
https://protonmail.com/
: LowImpact
https://mail.protonmail.com/
: High, emails, password, your personal data, ...Impact
https://protonmail.com/
: Low@rusty-snake thank you. i am still learning so stupid questions.