On 1/28/20 9:23 PM, Craig Small wrote: > My personal preference is to lock them down by default, by setting both > to mode 2. FWIW: I agree. Unless massive breakage is expected, the default should be the most secure option. If you default to secure and that breaks something, people will be motivated to fix it (either the root issue or by changing the setting). If you default to compatible, very few people will find the option and tweak it, so most people will lose out on the security. If there is massive breakage, you can back it off, of course. -- Richard
Attachment:
signature.asc
Description: OpenPGP digital signature