Changes

= Security considerations =
* A goal of the move toward automatic configuration of accounts is to move users from insecure email service to email service over encrypted channels (as with SSL and TLS) and to email service that employs secure mechanisms of authentication.
* A risk is that Thunderbird finds and offers configuration parameters that specify the use of servers operated by an attacker.
** Example: A user wants to configure an account with the email address example@example.net. Thunderbird finds operable parameters for example.net, the parameters specify the use of mailbox host mail.evil.example (a host under the control of an attacker), and the attacker obtains the user's password.
** Example: A user wants to configure an account with the email address example@example.net. The host mail.example.net (under the control of the provider of the user's email service) offers service over encrypted channels, but an attacker manages to provide configuration parameters to Thunderbird. The parameters specify the use of mailbox host mail.example.net, the use of unencrypted channels, and the passage of unencrypted passwords. The attacker then employs man-in-the-middle techniques to spy on the user and obtains the user's password.
* To retrieve configuration parameters, Thunderbird will use HTTP over SSL or over a proper TLS transport (HTTPS). Thunderbird will abort the retrieval if the server presents an improper certificate. We chose this protocol over DNS because it is more secure than DNS.
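An added example (not Thunderbird's code): a check over retrieved configuration parameters for the two risks described above. It assumes the parameters arrive in the Mozilla autoconfig XML layout (`clientConfig`, `incomingServer`, `socketType`, `authentication`); the sample document, the function name `audit_config` and the finding labels are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the IMAP entry points at a foreign host (first risk),
# the SMTP entry downgrades to cleartext on the provider's host (second risk).
SAMPLE = """<clientConfig version="1.1">
  <emailProvider id="example.net">
    <incomingServer type="imap">
      <hostname>mail.evil.example</hostname>
      <port>993</port>
      <socketType>SSL</socketType>
      <authentication>password-cleartext</authentication>
    </incomingServer>
    <outgoingServer type="smtp">
      <hostname>mail.example.net</hostname>
      <port>25</port>
      <socketType>plain</socketType>
      <authentication>password-cleartext</authentication>
    </outgoingServer>
  </emailProvider>
</clientConfig>"""

def audit_config(xml_text, email_address):
    """Return (server, finding) pairs for the risks described in the text."""
    domain = email_address.rsplit("@", 1)[1].lower()
    findings = []
    for server in ET.fromstring(xml_text).iter():
        if server.tag not in ("incomingServer", "outgoingServer"):
            continue
        host = (server.findtext("hostname") or "").strip().lower()
        sock = (server.findtext("socketType") or "").strip()
        auth = (server.findtext("authentication") or "").strip()
        label = f"{server.get('type')}:{host}"
        # Risk 1: the password would be sent to a host outside the user's domain.
        if host != domain and not host.endswith("." + domain):
            findings.append((label, "host-outside-domain"))
        # Risk 2: no channel encryption, so a man in the middle can read traffic.
        if sock not in ("SSL", "STARTTLS"):
            findings.append((label, "unencrypted-channel"))
            if auth == "password-cleartext":
                findings.append((label, "cleartext-password-on-open-channel"))
    return findings

if __name__ == "__main__":
    for server, finding in audit_config(SAMPLE, "example@example.net"):
        print(server, finding)
```

A host outside the address's domain is common for hosted mail, so that finding is a prompt for user confirmation rather than grounds for rejection.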
= Mitigating factors =