offlineimap.conf: improve documentation on SSL, mark tls_level experimental

Signed-off-by: Nicolas Sebrecht <nicolas.s-dev@laposte.net>
2015-10-12 06:42:29 +02:00 · 2015-10-12 06:42:29 +02:00 · e2f2ec16a5
commit e2f2ec16a5
parent f03afcd224
1 changed files with 11 additions and 3 deletions
--- a/offlineimap.conf
+++ b/offlineimap.conf
@ -637,11 +637,14 @@ remotehost = examplehost

 # This option stands in the [Repository RemoteExample] section.
 #
-# SSL version (optional).
+# Set SSL version tu use (optional).
 #
 # It is best to leave this unset, in which case the correct version will be
 # automatically detected. In rare cases, it may be necessary to specify a
-# particular version from: tls1, ssl2, ssl3, ssl23 (SSLv2 or SSLv3)
+# particular version from: tls1, ssl2, ssl3, ssl23 (SSLv2 or SSLv3).
+#
+# See the configuration option tls_level to automatically disable insecure
+# protocols.
 #
 #ssl_version = ssl23

@ -651,9 +654,14 @@ remotehost = examplehost
 # TLS support level (optional).
 #
 # Specify the level of support that should be allowed for this repository.
-# Can be used to disallow insecure SSL versions. Supported values are:
+# Can be used to disallow insecure SSL versions as defined by IETF
+# (see https://tools.ietf.org/html/rfc6176).
+#
+# Supported values are:
 # tls_secure, tls_no_ssl, tls_compat (the default).
 #
+# This option is EXPERIMENTAL.
+#
 #tls_level = tls_compat