man page: fingerprint can be used with SSL

Signed-off-by: Nicolas Sebrecht <nicolas.s-dev@laposte.net>
This commit is contained in:
Nicolas Sebrecht 2015-09-22 09:07:21 +02:00
parent 71dd03e88c
commit 9143ea5b93

View File

@ -259,8 +259,8 @@ out the connection that is used by default.
+
Unfortunately, by default we will not verify the certificate of an IMAP
TLS/SSL server we connect to, so connecting by SSL is no guarantee against
man-in-the-middle attacks. While verifying a server certificate fingerprint is
being planned, it is not implemented yet. There is currently only one safe way
man-in-the-middle attacks. While verifying a server certificate checking the
fingerprint is recommended. There is currently only one safe way
to ensure that you connect to the correct server in an encrypted manner: you
can specify a 'sslcacertfile' setting in your repository section of
offlineimap.conf pointing to a file that contains (among others) a CA