#3916: Mutt 1.8: TOFU approach bails out on first fail or reject, not offering
higher links of the cert' chain
--------------------------+----------------------
Reporter: kratem32 | Owner: mutt-dev
Type: enhancement | Status: new
Priority: minor | Milestone: 1.8
Component: crypto | Version:
Resolution: | Keywords: tofu
--------------------------+----------------------
Comment (by kratem32):
Sorry if I wasn't clear enough on how I use this.
If you use it simple as trust on first use, then you are right.
However, the mentioned tutorials as well as my own approach include the
manual verification of the certificate (if available also by using DANE).
This does provide at least the same security as the CA model but reduces
the risk significantly.
How likely is it that this feature will be reintroduced since it is not
considered a bug?
--
Ticket URL: <https://dev.mutt.org/trac/ticket/3916#comment:18>
Mutt <http://www.mutt.org/>
The Mutt mail user agent
