[Users] Claws Mail 3.8.1 unleashed!!

Hanno Böck hanno at hboeck.de
Wed Jun 27 16:21:16 CEST 2012


On Wed, 27 Jun 2012 14:48:18 +0100
Paul <claws at thewildbeast.co.uk> wrote:

> 	o don't do TLS if not requested by user. fixes connecting to
>   servers which, for example, want SSL 3 only

There's no pointer to a bug or something alike, but if this does what
it sounds like it is a terribly bad idea.

TLS is the successor of SSLv3 and offers a bunch of useful features.
For example mulptiple certificates on one IP (SNI) and better
cryptography.

If a server wants SSLv3 only, the thing a client app should do is
fallback on sslv3 if tls doesn't work. Forcing old and deprecated SSlv3
on all users just because some server admins think it's a good idea not
to upgrade software within decades is not the way to go.


-- 
Hanno Böck		mail/jabber: hanno at hboeck.de
GPG: BBB51E42		http://www.hboeck.de/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <http://lists.claws-mail.org/pipermail/users/attachments/20120627/9cd30259/attachment.sig>


More information about the Users mailing list