Ramkumar Ramachandra <artag...@gmail.com> writes:

> John Keeping wrote:
>> I don't think this is really "fix", it's more plastering over the
>> problem.
> It defaulted to SSL_VERIFY_NONE before Net::SMTP::SSL was updated, and
> the behavior hasn't changed now.  The new version simply asks us to be
> explicit about SSL_VERIFY_NONE, so we are aware about it.

"We" as "the Git developers", yes. But your change makes sure users are
_not_ aware about it. There's a long history of software ignoring SSL
certificates by default, I don't think we should cast in stone that we
don't want SSL certificate verification.

Matthieu Moy
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to