Automatically generated configuration files

Frank Ch. Eigler fche at
Thu Apr 24 14:54:25 UTC 2014

Paul Wouters <paul at> writes:

> [...]
> How many packages would actually perform any kind of "opportunistic
> encryption"? I know the mail servers prefer a selfsigned cert over no
> cert whatsoever, but what other applications have this issue of "better
> unknown certificate than plaintext" ?

Probably all that listen on ssl/tls-capable sockets.  (stap-server &
pcp happen to be ones freshly in mind).  In the absence of
network-layer opportunistic encryption, it's the best we can do.

- FChE

More information about the devel mailing list