 | | From: | Ralf Hildebrandt | | Subject: | Avoid use of TLS when connecting to localhost using IMAP? | | Date: | 21 Jan 2005 09:39:24 GMT |
|
|
 | mutt 1.5.6+20040907i:
How can I avoid the automatic use of TLS when connecting to localhost using
IMAP? Right now, mutt always detects Courier-IMAPs STARTTLS/TLS availability
and uses it. Is there a way of disabling it, short of disabling TLS on
localhost:imap?
|
|
| | From: | Erwan David | | Subject: | Re: Avoid use of TLS when connecting to localhost using IMAP? | | Date: | Fri, 21 Jan 2005 12:51:45 +0100 |
|
|
| Jochen Schulz wrote :
> I don't understand, why anyone would want to do that (except from users
> of *very* old computers), but it's just localhost, so go ahead.
A good reason is that no certificate bears the name localhost.
--
Real programs don't eat cache
|
|
| | From: | Jochen Schulz | | Subject: | Re: Avoid use of TLS when connecting to localhost using IMAP? | | Date: | Fri, 21 Jan 2005 13:56:09 +0100 |
|
|
| * Erwan David:
> Jochen Schulz wrote :
>
>> I don't understand, why anyone would want to do that (except from users
>> of *very* old computers), but it's just localhost, so go ahead.
>
> A good reason is that no certificate bears the name localhost.
But in this case it should be fairly easy to check that the fingerprint
reported by the server is correct. You only have to do that once and ask
mutt to store the certificate. Mutt will warn you when it changes. So
you still have more security than by completely ignoring the
certificate.
J.
--
I wear a lot of leather but would never wear fur.
[Agree] [Disagree]
|
|
| | From: | Jochen Schulz | | Subject: | Re: Avoid use of TLS when connecting to localhost using IMAP? | | Date: | Fri, 21 Jan 2005 11:48:59 +0100 |
|
|
| * Ralf Hildebrandt:
> mutt 1.5.6+20040907i:
>
> How can I avoid the automatic use of TLS when connecting to localhost using
> IMAP? Right now, mutt always detects Courier-IMAPs STARTTLS/TLS availability
> and uses it. Is there a way of disabling it, short of disabling TLS on
> localhost:imap?
First hit for /TLS in manual.txt.gz:
| 6.3.190. ssl_starttls
|
| Type: quadoption
| Default: yes
|
| If set (the default), mutt will attempt to use STARTTLS on servers
| advertising the capability. When unset, mutt will not attempt to use
| STARTTLS regardless of the server's capabilities.
I don't understand, why anyone would want to do that (except from users
of *very* old computers), but it's just localhost, so go ahead.
J.
--
I am on the payroll of a company to whom I owe my undying gratitude.
[Agree] [Disagree]
|
|
| | From: | Ralf Hildebrandt | | Subject: | Re: Avoid use of TLS when connecting to localhost using IMAP? | | Date: | 21 Jan 2005 15:56:00 GMT |
|
|
| On 2005-01-21, Jochen Schulz wrote:
> First hit for /TLS in manual.txt.gz:
>| 6.3.190. ssl_starttls
>|
>| Type: quadoption
>| Default: yes
>|
>| If set (the default), mutt will attempt to use STARTTLS on servers
>| advertising the capability. When unset, mutt will not attempt to use
>| STARTTLS regardless of the server's capabilities.
>
> I don't understand, why anyone would want to do that (except from users
> of *very* old computers), but it's just localhost, so go ahead.
Indeed. I suck. I'll try that right away.
|
|
