On Thu, Aug 31, 2017 at 02:37:56PM +0100, ael wrote: > On Fri, Aug 18, 2017 at 05:16:02PM +0200, Wouter Verhelst wrote:
> > So ship a version of OpenSSL that ships with TLS1.0 and TLS1.1 (aka > > TLS1.old) disabled, but *allow people to re-enable it* if things break > > (without requiring them to compile their own version). By shipping a > > version of OpenSSL that has TLS1.old not even compiled in, you're not > > doing that. > > It seems that Kurte has done this: I just discovered a new version in > unstable. He has provided procedures to permit TLS1.0/1. But the Debian > offlineimap package in unstable has not been modified to support them, > so it is still failing. I have submitted a bug report (against the > Debian package). The obvious stategy would be to add configuration > options to .offlineimaprc. Maybe that is something that might be > supported upstream? Nicolas? May I have pointers to the changes you've seen? I need to have a look at how this was done. If we need to update offlineimap, I'm in favour to support this. However, it is all Debian specific so this might better be done in Debian. I don't know, I need to see more. Also, I'm not sure imaplib2 would need to be updated, too. -- Nicolas Sebrecht _______________________________________________ OfflineIMAP-project mailing list: [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/offlineimap-project OfflineIMAP homepages: - https://github.com/OfflineIMAP - http://offlineimap.org
