[aristus]

This looks great. Any tips on how to terminate mixed-mode protocols like MySQL's SSL mode and IMAP's STARTTLS? Vanilla unwrapper daemons generally don't handle the case of initial unencrypted bit twiddling, and then SSL negotiation.

[agwa]

Unfortunately not. STARTTLS is the bane of standalone TLS terminators like titus, which is one of the reasons I really dislike STARTTLS. I won't rule out titus supporting STARTTLS some day, but the idea of integrating parsers for a bunch of different protocols into titus is really unappealing.