On Wed, Sep 13, 2006 at 08:00:20PM +0700 or thereabouts, Thomas Fernandez wrote:
Hi Thomas, > On Tue, 12 Sep 2006 16:52:48 -0500 GMT (13/09/2006, 04:52 +0700 GMT), > Gary wrote: > > G> The protocol as you call it, (SSL, TLS) does not define that the certs have > G> to be valid, never has. It is the client, TB!, that has decided for me not > G> to accept it. It should be always up to the user to accept *any* cert. > Every > G> email client I have ever used with IMAP (about 30+ of them), over the last > G> 10 years, allows one to accept a cert for whatever reason, if I so choose, > G> either on a temp or permanent basis, EXCEPT TB! > I don't know about IMAP. But I second the motion that the user should > have the option to accept an invalid certificate, for whatever reason. hear, hear :) > It's the user's responsibility if he compromises his system, and I am > certainly against being nannied by a software that is used by email > professionals. In the case of email, there is really nothing to compromise... I or anyone still has to authenticate into the system. SSL just provides me a way so that no one else can possibly listen in :) Sometimes you will come across a website using SSL, and your browser will tell you the cert is outdated or does not match, or whatever reason... you certainly have the option to click through this to see or use the site. This is similar to email, in that you have an option to use the cert or not, and you still have the original intended security as you have to auth... I could not agree with you more on your above statement :) The reality of it is that I cannot use it because of they way it is currently, and this is crazy. I just love it when a program tries to protect me from myself.. let alone the fact that I have been building IMAP, email, DNS servers professionally now in Unix/Linux, for what... 8 or 10 years. -- Gary ________________________________________________________ Current beta is 3.85.03 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
