Stefan Gofferje wrote, on 10.12.2013 16:33: > Maybe the existing options could just be extended, like in the Postfix > setting for TLS, e.g. > > tls_imap_require_cert: no|ask|require Changing the way how existing options work and breaking compatibility to existing configurations is most likely not the best idea;-) > I think, having logical options which are clear to the admin are better > than some implicit consequences which are not not bilaterally logical. > I don't know if I express this right/understandable :). Adding a new option is easy. Done in 30 minutes. I can do it if a official dev says it makes sense and will be added... but I don't get any answers from Bron for very long time now. So I'm pushing the patches I use myself locally to bugzilla waiting for a response. > The background is that a bunch of TLS tutorials on the web include > configuring the CA but not explaining in detail why, so an inexperienced > admin could assume that he should put the CA certificate for the server > cert's CA there. TLS tutorials for cyrus-imapd including tls_ca_path/file by default? Most likely to get rid of the debug warnings. Greetings, Wolfgang -- Wolfgang Breyha <wbreyha@xxxxxxx> | http://www.blafasel.at/ Vienna University Computer Center | Austria ---- Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
