cpw.ivan: d849dc2a: This is kind of controversial, but appar...
ivan.komarov at dfyz.info
Tue Nov 2 16:35:28 EDT 2010
Um, I hate e-mail. Here's the part of my first mail to which Paul
refers as an "oversight".
> Adding a dropdown sounds like a reasonable idea. The only thing I'm
> concerned about is (if my understanding of the code is correct) that
> we can silently fallback to plaintext connection when we request an
> SSL connection in aim_srv_requestnew() and the server responds that
> SSL is not availabe by not setting the 0x008e TLV or setting it to
> zero in SNAC 01/05 (which is handled by the redirect() function).
> Should we also error in this situation when the dropdown is set to
> “Require TLS”?
More information about the Devel