On Mon, Aug 16 2021, Junio C Hamano wrote: > Jeff King <peff@xxxxxxxx> writes: > >> This is certainly unfortunate, but IMHO is not a hard requirement for >> adding new values. This is no different than a case where we add a new >> config option, but old versions of Git quietly ignore it. >> >> In other words, I would suggest to tighten this as the values are added, >> but not worry about having a "spreading" period. > > I would have agreed with you even in April if this knob were not > about security. Thinking that the user is asking for an encrypted > connection and silently getting an unencrypted connection is not > such a good thing, and advertising "we now improved the distinction > between smtps and starttls easier to express" to users would not > work well in that context. I think per https://lore.kernel.org/git/87o8ejej8m.fsf@xxxxxxxxxxxxxxxxxxx/ that this may not be much of an issue in practice, i.e. assuming that most modern servers only accept auth over the encrypted channel the user will get an error anyway. But how true that is in the wild beyond just the GMail example, I don't know...