Subject: Re: imap-uw package and SSL
To: Frederick Bruckman <fredb@immanent.net>
From: Rick Byers <rb-netbsd@BigScaryChildren.net>
List: tech-pkg
Date: 08/13/2002 17:17:23
On Tue, 13 Aug 2002, Frederick Bruckman wrote:

> It's my understanding that netscape and others would still be able to
> use unencrypted password authentication (as long as you don't set
> IMAP_UW_NOCLEARTEXT to "YES"). Whatever clients are currently working
> without TLS/SSL in the server should work the same with it in.

I tried with Netscape, and Netscape gave me a warning about the server
having an invalid certificate.  If SSL is supported by the server,
Netscape will use STARTTLS.  Sure it will still work, but I don't want my
customers to have to change any settings or accept any new warnings -
otherwise we'll get hundreads of phone calls over the following weeks
(seriously).  I think this is why the imap-uw SSLBUILD file says
specifically to only enable SSL if you actually plan on installing valid
certificates.

Rick