no common encryption algorithms
-
- Posts: 630
- Joined: September 18th, 2004, 5:16 am
no common encryption algorithms
The last few weeks I've been getting messages like this:
Thunderbird and http://www.whatever.com cannot communicate securely because they have no common encryption algorithms.
when I open some messages. I've grubbed around and found that the solution is apparently to get to tools options advanced general config editor, but then I'm stymied. The solutions all wander off to firefox threads and are unclear as to what to do for thunderbird.
Does anyone know exactly what I am to do once I click on config editor?
I should add, it does let me read the email, but I'd like to turn off the annoying message.
Thank you.
Thunderbird and http://www.whatever.com cannot communicate securely because they have no common encryption algorithms.
when I open some messages. I've grubbed around and found that the solution is apparently to get to tools options advanced general config editor, but then I'm stymied. The solutions all wander off to firefox threads and are unclear as to what to do for thunderbird.
Does anyone know exactly what I am to do once I click on config editor?
I should add, it does let me read the email, but I'd like to turn off the annoying message.
Thank you.
- tanstaafl
- Moderator
- Posts: 49647
- Joined: July 30th, 2003, 5:06 pm
Re: no common encryption algorithms
What version of Thunderbird are you using?
If you are trying to have youtube send you a message its a question of what ciphers your email provider uses. That shouldn't be a problem with popular free email providers such as gmail, outlook, yahoo, zoho, gmx etc. or major ISPs such as Comcast, AT&T, Verizon, and TWC. What email provider are you using?
https://www.ssllabs.com/ssltest/analyze ... Results=on lists the cipher suites that youtube uses (at the bottom). You can compare that with what searching for ssl3 in the config editor (tools -> options -> advanced -> general) returns. It lists ciphers such as security.ssl3.ecdhe_ecdsa_aes_128_gcm_sha256 which I believe is equivalent to (from ssltest)
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b) ECDH x25519 (eq. 3072 bits RSA) FS 128
Some related threads :
http://forums.mozillazine.org/viewtopic ... lit=cipher (problem was an ancient version of TB)
http://forums.mozillazine.org/viewtopic ... lit=cipher (problem was ancient version of TB)
http://forums.mozillazine.org/viewtopic ... lit=cipher (problem was bad choice of ciphers by email provider)
http://forums.mozillazine.org/viewtopic ... lit=cipher (not sure whose fault, but probably email providers)
http://forums.mozillazine.org/viewtopic ... lit=cipher (due to user downgrading to a older version of Thunderbird)
If you are trying to have youtube send you a message its a question of what ciphers your email provider uses. That shouldn't be a problem with popular free email providers such as gmail, outlook, yahoo, zoho, gmx etc. or major ISPs such as Comcast, AT&T, Verizon, and TWC. What email provider are you using?
https://www.ssllabs.com/ssltest/analyze ... Results=on lists the cipher suites that youtube uses (at the bottom). You can compare that with what searching for ssl3 in the config editor (tools -> options -> advanced -> general) returns. It lists ciphers such as security.ssl3.ecdhe_ecdsa_aes_128_gcm_sha256 which I believe is equivalent to (from ssltest)
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b) ECDH x25519 (eq. 3072 bits RSA) FS 128
Some related threads :
http://forums.mozillazine.org/viewtopic ... lit=cipher (problem was an ancient version of TB)
http://forums.mozillazine.org/viewtopic ... lit=cipher (problem was ancient version of TB)
http://forums.mozillazine.org/viewtopic ... lit=cipher (problem was bad choice of ciphers by email provider)
http://forums.mozillazine.org/viewtopic ... lit=cipher (not sure whose fault, but probably email providers)
http://forums.mozillazine.org/viewtopic ... lit=cipher (due to user downgrading to a older version of Thunderbird)
-
- Posts: 630
- Joined: September 18th, 2004, 5:16 am
Re: no common encryption algorithms
I'm not sure how youtube comes into this. As far as I know I have never been sent email by youtube. The comments about ssl3 are all Greek to me.
I have gmail, which thunderbird pulls down.
The most frequent emails that get this complaint are from FedEx.
I will look at your links, thank you.
I have gmail, which thunderbird pulls down.
The most frequent emails that get this complaint are from FedEx.
I will look at your links, thank you.
-
- Posts: 630
- Joined: September 18th, 2004, 5:16 am
Re: no common encryption algorithms
Okay, I scanned the links, and it's clear I would probably destroy thunderbird if I tried to do any of this. I had been hoping for some simple fix to just suppress the error message, For that matter, I'd like a turn off the certificate warning message as well, since I get that a lot and it has never been a valid problem. Apparently the world is full of major sites using badly named certificates.
- tanstaafl
- Moderator
- Posts: 49647
- Joined: July 30th, 2003, 5:06 pm
Re: no common encryption algorithms
Clicking on http://www.whatever.com/ goes to https://www.youtube.com/user/whatever . I took you literally. It sounds like you meant it as a made up generic URL.karenanne wrote:I'm not sure how youtube comes into this. As far as I know I have never been sent email by youtube.
If you get those messages in a Gmail account I wouldn't expect you to have a problem with ciphers between Gmail and Thunderbird. Could the problem be displaying remote images in a HTML message from FedEx because it uses a secure connection to fetch the remote image?karenanne wrote:The most frequent emails that get this complaint are from FedEx.
Or do you mean clicking on a link in a message from FedEx that takes you to to the FedEx web site?
I suggest you see if the problem occurs if you set view -> message body as -> plain text and then view the FedEx message. That might not be as easy to read as the HTML version, but would help troubleshoot whats going on.
It would also be useful to see if you have a problem viewing the web site if you copy and paste the FedEx link in the message to Firefox's address bar. Typically Thunderbird and Firefox have identical certificates and cipher suites.
-
- Posts: 630
- Joined: September 18th, 2004, 5:16 am
Re: no common encryption algorithms
Thanks, I'll try that the next time I get an email that complains.
I did mean whatever as a placeholder.
Even when I accept the error message, images in the FedEx emails do not display. (I get the error message in some other emails, FedEx is just the one I remember at the moment.) I do now suspect the images are the problem, but let me see what happens as I get emails over the next few days.
Thanks again.
I did mean whatever as a placeholder.
Even when I accept the error message, images in the FedEx emails do not display. (I get the error message in some other emails, FedEx is just the one I remember at the moment.) I do now suspect the images are the problem, but let me see what happens as I get emails over the next few days.
Thanks again.
-
- Posts: 630
- Joined: September 18th, 2004, 5:16 am
Re: no common encryption algorithms
Re: I suggest you see if the problem occurs if you set view -> message body as -> plain text and then view the FedEx message. That might not be as easy to read as the HTML version, but would help troubleshoot whats going on.
plain text works with no error messages. (I was actually wrong, it's UPS emails that are complaining the most, although I see it with some others. The shipper changed from FedEx to UPS awhile back and I forgot.)
plain text works with no error messages. (I was actually wrong, it's UPS emails that are complaining the most, although I see it with some others. The shipper changed from FedEx to UPS awhile back and I forgot.)
- tanstaafl
- Moderator
- Posts: 49647
- Joined: July 30th, 2003, 5:06 pm
Re: no common encryption algorithms
I don't know what to suggest as my copy of Firefox has no problem making a secure connection to https://www.ups.com/us/en/global.page and Firefox and Thunderbird usually support the same ciphers. Perhaps the message is trying to link to a different host (not the main web site).
See if you can spot the img src link (that makes a secure connection using https) using control-U or view -> message source. If you can, please copy and paste it.
<IMG SRC="https://flagship.vanguard.com/web/images/marker.jpg"/>
is an example.
See if you can spot the img src link (that makes a secure connection using https) using control-U or view -> message source. If you can, please copy and paste it.
<IMG SRC="https://flagship.vanguard.com/web/images/marker.jpg"/>
is an example.
-
- Posts: 630
- Joined: September 18th, 2004, 5:16 am
Re: no common encryption algorithms
There are three images that don't show up in the current message.
One has the alternate text UPS My Choice Driver and in the source I found
<img src=3D"http://www.ups.com/img/email_driver.png" width=3D"600" he=
ight=3D"121" alt=3D"UPS My Choice driver" border=3D"0" >
Clicking on it in the email does nothing.
Another doesn't display alt text but when I click on it I get to a url starting with https://upsmychoicedeals.com There is no url like that in the source.
The other has alt text download the UPS mobile app. Here's the source fragment for that
href=3D"https://m.ups.com/content/us/en/appdown ... ">Download =
the UPS mobile app</a></td>
when I click on it it gets to https://www.ups.com/us/en/services/tracking/mobile.page
I'm getting somewhat confused here.
One has the alternate text UPS My Choice Driver and in the source I found
<img src=3D"http://www.ups.com/img/email_driver.png" width=3D"600" he=
ight=3D"121" alt=3D"UPS My Choice driver" border=3D"0" >
Clicking on it in the email does nothing.
Another doesn't display alt text but when I click on it I get to a url starting with https://upsmychoicedeals.com There is no url like that in the source.
The other has alt text download the UPS mobile app. Here's the source fragment for that
href=3D"https://m.ups.com/content/us/en/appdown ... ">Download =
the UPS mobile app</a></td>
when I click on it it gets to https://www.ups.com/us/en/services/tracking/mobile.page
I'm getting somewhat confused here.
- tanstaafl
- Moderator
- Posts: 49647
- Joined: July 30th, 2003, 5:06 pm
Re: no common encryption algorithms
Only the last two links use secure connections. I sent a message with those links to myself and clicked on them in Thunderbird. They were displayed in Firefox, with no problem.
-
- Posts: 630
- Joined: September 18th, 2004, 5:16 am
Re: no common encryption algorithms
I guess I'm sunk. I have no idea what's going on, and now also email from the USPS also requires multiple clicks to display.
Is there any way I can turn off that notification confirmation panel showing up? I would be happy just to get rid of those, forget getting the images to display.
Is there any way I can turn off that notification confirmation panel showing up? I would be happy just to get rid of those, forget getting the images to display.
- tanstaafl
- Moderator
- Posts: 49647
- Joined: July 30th, 2003, 5:06 pm
Re: no common encryption algorithms
I don't know of a way to disable the error message popup unless it lets you check a checkbox to create a security exception.