On Wed, Dec 08, 2010 at 08:45:30AM +0100, Alexander Reichle-Schmehl wrote: > #603450 is a bug (currently with severity grave, Justification: user > security hole), as offlineimap does no ssl certificate checking.
Could you explain why it should be acceptable to announce secure operation but ignore the very basic principles of it? #564690 is an old example of the same problem. > There's patch floating arround, which has a major regression: It doesn't > work for users of self signed certificates. >From what I've seen in the bug, even you should be able to fix that. Bastian -- ... bacteriological warfare ... hard to believe we were once foolish enough to play around with that. -- McCoy, "The Omega Glory", stardate unknown -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org