That sounds like a terrible idea.. unless you meant to make reportbug
try STARTTLS in that case and then fail if this doesn't work.

But if the user asked for an encrypted communication, the app should not
fall back to sending it in clear text. That's the basis of all the
nastiness of downgrade attacks that could happen with STARTTLS and other
protocols that permit this kind of fallback.

The best option here should be to have a clear error message of what
didn't work.

-- 
Gabriel Filion

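The fail-closed behaviour argued for in the message above, sketched as an added example with Python's smtplib; it is not reportbug's code and not part of the original message. The names `send_encrypted`, `EncryptionRequiredError`, `FakeSMTP` and `try_send` are hypothetical, and `FakeSMTP` is a constructed stand-in for a server so the example runs offline.

```python
import smtplib
import ssl

class EncryptionRequiredError(RuntimeError):
    """Raised instead of silently sending in clear text."""

def send_encrypted(conn, sender, recipient, message, context=None):
    """Send over an already-connected smtplib.SMTP-like object: TLS or nothing."""
    conn.ehlo()
    # A server reply with STARTTLS missing (stripped in transit or simply not
    # configured) is a hard failure here, never a cue to continue in plain text.
    if not conn.has_extn("starttls"):
        raise EncryptionRequiredError(
            "server did not advertise STARTTLS; message NOT sent")
    try:
        conn.starttls(context=context or ssl.create_default_context())
    except (smtplib.SMTPException, ssl.SSLError) as exc:
        raise EncryptionRequiredError(
            f"STARTTLS negotiation failed ({exc}); message NOT sent") from exc
    conn.ehlo()  # capabilities must be re-read inside the TLS session
    conn.sendmail(sender, [recipient], message)

class FakeSMTP:
    """Constructed stand-in for smtplib.SMTP (assumption, for offline runs)."""
    def __init__(self, advertise_starttls, tls_ok=True):
        self.advertise, self.tls_ok = advertise_starttls, tls_ok
        self.tls_active, self.sent = False, []
    def ehlo(self):
        return (250, b"ok")
    def has_extn(self, name):
        return name == "starttls" and self.advertise
    def starttls(self, context=None):
        if not self.tls_ok:
            raise smtplib.SMTPResponseException(454, b"TLS not available")
        self.tls_active = True
    def sendmail(self, sender, recipients, message):
        self.sent.append((self.tls_active, message))

def try_send(server):
    """Return 'sent' or the error text shown to the user."""
    try:
        send_encrypted(server, "user@example.org", "bugs@example.org", "report")
        return "sent"
    except EncryptionRequiredError as exc:
        return str(exc)

if __name__ == "__main__":
    for srv in (FakeSMTP(True), FakeSMTP(False), FakeSMTP(True, tls_ok=False)):
        print(try_send(srv), "| delivered:", srv.sent)
```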