* On 2002.06.04, in <[EMAIL PROTECTED]>, * "Aaron Schrab" <[EMAIL PROTECTED]> wrote: > At 23:25 -0700 03 Jun 2002, Jeremy Lin <[EMAIL PROTECTED]> wrote: > > I'm connecting to a server that supports both imap and imaps, and even though > > I'm setting mutt to connect via imap, it asks me about the certificate and > > then seems to connect with SSL anyway. Is this a feature, or is something > > mixed up on my end? If it's a feature, I don't think it's a good one. > > This is a feature, and I suspect that you'd be in a minority for > thinking that having security is a bad thing. Also, this feature is
I'm not sure about that. It depends on setting -- in some cases, I might really want to connect on a plaintext port and not negotiate TLS -- for example, if I'm testing my IMAP server, or debugging my client's SSL installation through contrapositive proof. :) > needed for connecting securely to servers that don't accept connections > on the imaps port, but instead support the STARTTLS extension on the > normal imap port. You can likely disable this feature with "set > ssl_starttls=no". Yes, exactly -- it should never use SSL when told not to, but setting ssl_starttls is equivalent to telling mutt to use TLS when available. -- -D. [EMAIL PROTECTED] NSIT University of Chicago
