[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] Thoughts on proxy setup wrt insecure connections
On 2/28/2011 6:35 PM, Lucky Green wrote:
Thanks. I'll plead (somewhat) ignorant. What's the diff - if any -
between "using the STARTTLS" command & choosing "use TLS/SSL" under
Server Settings>Connection Security in email client (i.e.,
Thunderbird). That's assuming _email server(s) use this & instruct to
set up email client w/ these settings_?
On 2011-02-28 16:05, Joe Btfsplk wrote:
Where would the "STARTTLS" command be used?
Would it be a permanent change to some config file (until changed back)
or used manually on each start?
This article is good intro to how the STARTTLS command would be used:
In short, the client sends the STARTTLS command to the server to
indicate a desire to use TLS encryption for the connection.
STARTTLS is most widely used with SMTP, POP, and IMAP.
The genesis of the STARTTLS command was a realization that the earlier
approaches to adding TLS security to existing TCP protocol-based
services suffered from a systemic flaw: "wrapping" the connection in TLS
and offering the "wrapped" service on a different port in effect
required doubling the number of assigned ports. One port for the
cleartext version, one port for the TLS version.
(This turned out to be less of a problem in practice than anticipated at
the time of the creation of the STARTTLS command, as the growth of
encryption was paralleled by a reduction in ports on which many hosts
connected to the Internet may transmit packets due to ISP level
filtering and the rise of NAT. But that's a discussion for a different
When you say, "you can use the STARTTLS command," it indicates manually
entering the command - thus, my orig question - where would it be used
if simply using an email client?
Is the command necessary or just redundant if email client and email
servers you're are using TLS / SSL for POP3 / SMTP?
tor-talk mailing list