[ehhthing]

iOS never supported this configuration regardless, a change in SSL certificate does not cause any kind of notification to the user.

Also, you're basically objecting to the entire idea of PKI for use in IMAP which is incredibly hard to justify. Perhaps you wish to use a different model for your own personal reasons but the default being PKI should not be controversial, and if you want to use your own model you should use a different mail client.

[detourdog]

It did support it. One had to trust the certificate manually. I gave up on self-signed cents about 6 years ago.

[ehhthing]

It supported using self signed certs, but if the server suddenly switched from a self signed to a trusted CA-signed certificate, no prompt would be given. So the idea that self signed certificates are somehow more secure for this specific purpose is incorrect.

[detourdog]

It was a complex Trust relationship and Apple’s it just work was onerous to work around. When security is the top priority I would alway go with self-signed certificates.