Comment 3 for bug 1040115

Brad, yes, I think it should be out of the conf file. One value should specify if we are expecting TLS. If we are, we should always require and validate a cert. Backing off that rule can be an additional change, but I would prefer if we defaulted to the stronger crypto methd.