From cce6e3905c62ae2ffbddbea4d8ff4ed4fd253329 Mon Sep 17 00:00:00 2001
From: Matthias Andree <matthias.andree@gmx.de>
Date: Thu, 16 Jul 2009 19:50:12 +0000
Subject: TODO: sslfingerprint and thereabouts.

svn path=/branches/BRANCH_6-3/; revision=5388
---
 TODO.txt | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'TODO.txt')

diff --git a/TODO.txt b/TODO.txt
index a6186a1f..97305e01 100644
--- a/TODO.txt
+++ b/TODO.txt
@@ -90,6 +90,10 @@ questionable:
 - CRYPTO: perhaps port to NSS? Check license and features and required procedure
   changes. - Redhat Bugs #333741 (crypto consolidation), #346891 (port fetchmail to NSS)
 - CRYPTO: make the SSL default v3 (rather than v23).
+- CRYPTO: remove sslfingerprint? too easily abused (see NEWS)
+- CRYPTO: force sslcertck
+- CRYPTO: by default forbid cleartext or other compromising password
+  schemes over insecure connections?
 - put more hints to the FAQ (should we call it FGA?) as first support place
 - make sure we print socket error messages such as connection reset by
   peer to hint users the problem is not in fetchmail
-- 
cgit v1.2.3