[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] Plaintext passwords IMAP please!



> > > however teaching all the clients that they should trust a
> > self-signed cert
> > > sure isn't, so this may not be a viable option for you anyway.
> >
> > Sounds like an Outlook Express issue to me.  Don't blame SuSE for
> > Microsoft's
> > shortcomings.
>
> absolutely disagree with you. Whilst I too love to bash M$, this is nothing
> to do with them. It is already a huge task to educate end-users about only
> trusting signed certs. To then re-educate them that certain self-signed
> certs are safe is asking too much.

Most clients will cache the cert so that they don't have to ask you every time.
Henning stated that Mozilla does.  Putty does.  So, that makes it an MS issue,
because they don't let you cache it.


-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here