Fetch icon indicating copy to clipboard operation
Fetch copied to clipboard

Published 20 hours ago verified publisher icon tedious

Insecure default connection flags

Open ccpp opened this issue 6 years ago • 0 comments

Can you explain why you do not per default validate the IMAP peer certificate in STARTTLS mode? To me this looks like a bad practice solution to TLS connection "errors" (as they are often found as "accepted answers" on stack overflow or similar.)

https://github.com/tedious/Fetch/blob/9a1b0eb87d343eb0c8c57acb33973c594b8aca8d/src/Fetch/Server.php#L134

(this is upstream for https://github.com/kartolo/direct_mail/issues/163)

ccpp avatar Jul 12 '19 21:07 ccpp