[Top] [All Lists]

Re: [nmh-workers] fetchmail and SNI (and pop.gmail.com)

2019-06-28 03:18:50
Hi Ken,

I guess the core issue is that for Google servers when using TLS 1.2
SNI isn't required, but for TLS 1.3 it is; well, let me rephrase that.
If you negotiate TLS 1.3 you get the bogus certificate if you don't
send a SNI.  But it seems like the 'right' solution is we should be
sending a SNI to avoid this problem?

I agree nmh should employ SNI; I was just getting Michael up and running
the simplest way possible.

Cheers, Ralph.


<Prev in Thread] Current Thread [Next in Thread>