On Mon, Feb 22, 2021 at 02:34:20PM +0100, Reto wrote:
> On 22 February 2021 14:10:16 CET, Simon Ser <firstname.lastname@example.org> wrote:>> >The "insecure" option blindly trusts the cert. So I don't think it's a> >big deal to *not* negotiate STARTTLS when insecure is explicitly> >specified by the user.>> That's not what it does in aerc no. "insecure" tries to start a non encrypted plain text connection.> There is no cert involved at all.>> *if* the server advertises support for starttls we bail out saying that this is probably not what you should be doing.> If starttls is available you really should use it. Anything else is most likely a configuration mistake.>> The whole connection string is a frequent point of confusion, people tend to brute force various combinations instead of reading what the options do.> (Based on our bug tracker / irc)> Now, while one can make the point that well this is what you asked for it's rather bad in the above case.
... And that shouldn't have been sent as I was still drafting it.
Disregard it please.
Apparently we do two very different things in the imap connection code and the
smtp connection code.
We need to unify, either way.