Description of feature: s2s_require_encryption has been removed from the distributed configuration file in 5409:8e98a58ab6a3 (April 2013), on the basis that people would switch to s2s_secure_auth. Four years later, there are still way too many self-signed, expired or invalid certificates in the wild for most administrators to enable unconditional certificate validation, while unconditional encryption is in much closer reach. Therefore, I propose to reintroduce s2s_require_encryption in the distributed config file and set it to true by default, in order to fasten its adoption by the entire network.

We should consider this. And the decision predates the whole Snowden thing which highlighted that unauthenticated encryption is still valuable. Because config changes require matching changes to our packages, such changes are best done close to the release when we'll be updating the package anyways.

• tags Status-Accepted Milestone-0.10

Done

• tags Status-Fixed