On 2007-Dec-16, at 15:16 , erik quanstrom wrote:
tls seems like something extra to break. i have several dozen mac/windows users that need detailed instructions for every change. i'm not a security expert. what case that i can't currently see would tls solve for me that's worth the extra configuration. what am i missing?
Starting with RFC 3516 (latest IMAP4rev1), TLS support is mandatory. I'm not sure what problems you're running into with clients -- I've rolled out TLS-aware IMAP clients to hundreds of end-users, and it's no more difficult than any of the other IMAP4 configuration you have to deal with. For most clients these days, enabling TLS involves ticking off a checkbox.
