New patch series upcoming for the GUI changes

Nicolas Sebrecht nicolas.s-dev at laposte.net
Fri Jan 7 18:18:53 GMT 2011


On Fri, Jan 07, 2011 at 11:26:16AM +0100, Sebastian Spaeth wrote:
> 
> On Thu, 6 Jan 2011 20:53:31 +0100, Nicolas Sebrecht <nicolas.s-dev at laposte.net> wrote:
> > Ok, I see your point now. But you're wrong, the patch should be
> > clear enough to prove you the whole content was not removed.
> 
> OK, my bad. In this case just ignore the copyright removal thing and
> modify my patch. Or should I send an updated one?

Since John don't bother that much for this case, I'll take this version
without changes.

> > I think security issues should come first, but feel free to do whatever
> > you'd like, of course? :-)
> 
> Yes, I'll see what I can do first. Single threading will be a
> prerequisite for better debugging, raising exceptions and seeing where
> they come from is a pain otherwise.
> 
> > What about the tests suites?
> - Restart work on a test suite (reliability tests)
> 
> yep :-). But to be honest, I am a bit unsure about the best strategy
> here now. Given that you clearly prefer the very highlevel tests, I am
> not sure that the test framework I've created so far is the best way to
> go. Not sure how the test suite should be arranged and run.

Ok.

> > I guess you have seen the recent issues about the ssl certificate check
> > failing (probably due to hostname with subdomains). ,-p
> 
> Yep, and strictly speaking the failing is correct as the certificate is
> for a different domain (or the certificate should have been issued for
> *.domain.com). But as that clearly needs to work we should make the
> hostname checking optional somehow. I am not sure if we should have
> something like:
> 
> sslcacertchecking = strict|nohostname
> or
> sslcacerthostcheck = True|False
> 
> which would make these hostname checks optional.

I'm fine with both. The first option looks attractive.

> Also, the mutt way of storing the ssl certificate (fingerprint?) and
> have the user just permanently accept that without the need for CA
> certificates sounds very attractive and promising to me.

Yes, this is the best thing to do.

-- 
Nicolas Sebrecht




More information about the OfflineIMAP-project mailing list