[PATCH] Re: Implement SSL certificate checking

Sebastian Spaeth Sebastian at SSpaeth.de
Tue Dec 14 19:37:39 GMT 2010


On Tue, 14 Dec 2010 19:35:00 +0100, Nicolas Sebrecht <nicolas.s-dev at laposte.net> wrote:
> [ Please, don't cull the cc list. ]

Sorry, git send-email again. Won't happen again.
 
> This commit message is poor. Explain here _why_ this patch.

Righto. Will improve the commit message. This patch would probably need
splitting into 2-3 separate patches anyway, and I just wanted to get it
out for review quickly. That's why I didn't spent too much time
composing it (also it was 5am or so :-)).

Before this goes in, I would love to have it tested by a few persons
(first on some unimportant accounts :-)) to see that it works in various
situations.

But, given your side note on Debian, it seems we can take our time. I
think this patch does the right thing in general by making Certificate
checks possible, but not mandatory and also keeps Python 2.4/2.5
compatability (just not allowing certificate checks there).

> > This should make debian happy. 
> Me too, BTW. 

Me too, I actually never thought about certificate validation, but given
that it was never done, I could just as well have used non-SSL on the
airport :-(. So I will be glad if this goes in in one way or the other.

> That said, the documentation needs to be updated too.
> Touching offlineimap.conf is enough. I in the work of a SGML to REST
> migration for our main documentation.

Yep, the documentation would need an update, will add an update to the
full offlineimaprc in the next version. Good to know you are
working on the SGML conversion.

Sebastian




More information about the OfflineIMAP-project mailing list