Package: ftp.debian.org Severity: normal Please remove starttls from the archives.
As bug 499774 (http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=499774) says, it has no support for SSL certificate verification and because of this, it can not be used in production if you want the added security of SSL. Even without this features, it can be used to connect servers on which plain text is not supported (but the user wants to connect anyway and wish to ignore the MITM risks). Also, as a testing tool and as the only tool to use from Emacs to connect SSL services (smtp/imap/pop, jabber, etc). Nowadays all of these uses cases are handled better otherwise. Emacs supports gnutls-cli since ages and testing can be performed with openssl's s_client -starttls option or with gnutls-cli --starttls. All in all, I do not think that this is badly needed anymore. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org