STARTTLS and certificates Re: [ANNOUNCE] OfflineIMAP v6.3.4-rc3 released
Daniel Shahaf
d.s at daniel.shahaf.name
Thu Jul 7 19:13:07 UTC 2011
Sebastian Spaeth wrote on Thu, Jul 07, 2011 at 20:35:27 +0200:
> On Thu, 7 Jul 2011 20:21:54 +0300, Daniel Shahaf <d.s at daniel.shahaf.name> wrote:
> > How does STARTTLS interact with certificate validation (eg,
> > 'sslcacertfile' repository config item)? Does it [never..always]
> > verify the server's identity?
>
> It only attempt STARTTLS if it doesn't connect via ssl anyway. And
> certificate validation is only done if you connect via ssl in the first
> place.
Modus ponens: it doesn't verify the peer's identity in STARTTLS mode.
Thanks for the information!
Daniel
>
> Sebastian
More information about the OfflineIMAP-project
mailing list