STARTTLS issue with sieve

Heiko Schlittermann hs at schlittermann.de
Sun Jul 9 19:48:15 EEST 2017


Alexander Dalloz <ad+lists at uni-x.org> (So 09 Jul 2017 13:14:56 CEST):
…
> It is wrong to send the root CA along with the intermediate and server
> certificates. The root CA cert must be in the CA trust bundle of the client.

I wouldn't say it is wrong. But it should be useless, as the client
wont trust the root CA it received. The client should trust only its
copy of the root CA.

    Best regards from Dresden/Germany
    Viele Grüße aus Dresden
    Heiko Schlittermann
-- 
 SCHLITTERMANN.de ---------------------------- internet & unix support -
 Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
 gnupg encrypted messages are welcome --------------- key ID: F69376CE -
 ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://dovecot.org/pipermail/dovecot/attachments/20170709/0fd57210/attachment.sig>


More information about the dovecot mailing list