Re: Optical analog computing?
R. A. Hettinga wrote: ... the first computer to crack enigma was optical the first synthetic-aperture-radar processor was optical but all these early successes were classified -- 100 to 200 projects, and I probably know of less than half. -- Do these claims compute?! is this really a secret history, or does this mean holography, of am I just completely out of the loop?1 Gimme a break. This is remarkable for its lack of newsworthiness. 1) Bletchley Park used optical sensors, which were (and still are) the best way to read paper tape at high speed. You can read about it in the standard accounts, e.g. http://www.picotech.com/applications/colossus.html 2) For decades before that, codebreakers were using optical computing in the form of superposed masks to find patterns. You can read about it in Kahn. 3) People have been doing opto-electronic computing for decades. There's a lot more to it than just holography. I get 14,000 hits from http://www.google.com/search?q=optical-computing Optical info is a complex-valued wave (spatial frequency, amplitude and phase) It isn't right to make it sound like three numbers (frequency, amplitude, and phase); actually there are innumerable frequencies, each of which has its own amplitude and phase. lenses, refractions, and interference are the computational operators. (add, copy, multiply, fft, correlation, convolution) of 1D and 2D arrays and, of course, massively parallel by default. and, of course, allows free-space interconnects. Some things that are hard with wires are easy with light-waves. But most things that are easy with wires are hard with light-waves. Here's a commercialized effort from israel: a space integrating vector-matric multiplier [ A ] B = [ C ] laser- 512-gate modulator - spread over 2D 256 Teraflop equivalent for one multiply per nanosecond. People were doing smaller versions of that in the 1980s. Unclassified example: acousto-optic spectrometer, 500 Gflops equivalent (for 12 watts!) doing continuous FFTs. Launched in 1998 on a 2-year mission. Submillimeter wave observatory. Not FFTs. FTs. Fourier Transforms. All you need for taking a D=2 Fourier Transform is a lens. It's undergrad physics-lab stuff. I get 6,000 hits from: http://www.google.com/search?q=fourier-optics Of course, the rest of the talk is about the promise of moving from optoelectronic to all-optical processors (on all-optical nets with optical encryption, so on). All optical??? No optoelectronics anywhere??? That's medicinal-grade pure snake oil, USP. Photons are well known for not interacting with each other. It's hard to do computing without interactions. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
VeriSign Sells CALEA-Ware to Arrival, Cellular Mobile Systems,and First Cellular
http://finance.lycos.com/home/news/print_story.asp?story=28919712 Story Url: http://finance.lycos.com/home/news/story.asp?story=28919712 VeriSign Signs Arrival, Cellular Mobile Systems, and First Cellular For NetDiscovery Services 2 Oct 2002, 08:01am ET - - - - - /FROM PR NEWSWIRE SAN FRANCISCO 415-543-7800/ [STK] VRSN [IN] TLS NET CPR [SU] CON TO BUSINESS AND TECHNOLOGY EDITORS: VeriSign Signs Arrival, Cellular Mobile Systems, and First Cellular For NetDiscovery Services Trusted Nationwide Infrastructure Supports Turnkey Solution Enabling All Types Of Carriers to Comply with CALEA Easily at Low Cost MOUNTAIN VIEW, Calif., Oct. 2 /PRNewswire-FirstCall/ -- VeriSign, Inc. (NASDAQ:VRSN), the leading provider of digital trust services, announced today that three new contracts have been executed for their NetDiscovery(TM) Services, the most complete outsourced solution available for compliance with the Communications Assistance for Law Enforcement Act (CALEA). Arrival Communications, a competitive local exchange carrier (CLEC) that provides voice and data services to underserved cities throughout California, and regional wireless carriers Cellular Mobile Systems of St. Cloud and First Cellular of Southern Illinois, have deployed VeriSign's NetDiscovery Services as a cost-efficient means of meeting their obligations under CALEA, the congressional mandate requiring carriers to support law enforcement agencies in conducting lawfully authorized intercepts of communications content and call data. VeriSign's trusted network infrastructure, secure data centers and security bureau personnel uniquely position the company to serve the CALEA, subpoena, and judicial order compliance needs of all types of telecommunications carriers and information service providers as well as law enforcement agencies. VeriSign NetDiscovery Services offer us a streamlined, affordable solution for provisioning, access, and delivery of call information to law enforcement agencies (LEAs), said Tony DiStefano, CEO of Arrival Communications. CALEA compliance can be simply cost-prohibitive for smaller wireless carriers because we are required to maintain the same level of capabilities as our much larger competitors but we have far fewer subscribers to spread the cost over, said Terry Addington, the President and CEO of First Cellular of Southern Illinois. In our 10 years of service we never had an intercept request. To spend hundreds of thousands of dollars for a solution at our size just didn't make sense. For us, the VeriSign NetDiscovery service bureau is the perfect solution to meeting our preparedness obligation. In addition to the potentially high cost of network upgrades, non- compliant carriers could face a fine of $10,000 per day for each intercept request from law enforcement agencies. VeriSign's NetDiscovery is a valuable solution to help carriers comply with CALEA, in particular relieving us of the administrative headaches involved with administering the legal orders, so we can focus on other, revenue generating services, said Sandy Bromenschenkel of Cellular Mobile Systems. VeriSign's nationwide network infrastructure, digital certificate/PKI technology and secure data centers enable us to provide a service bureau solution that saves carriers the burden of significant capital and operating expenses, said Raj Puri, VP - NetDiscovery Services for VeriSign Telecommunication Services. In addition, VeriSign's trusted solution advances public networking by maintaining streamlined connections for multiple carriers and switches. VeriSign's NetDiscovery solution manages the call content and call data intercept, provisions the intercept event, converts calls and call data into a required legal standard format, and delivers the call data and call content directly to the law enforcement monitoring facilities using highly secure IP- VPN technologies. About Arrival Communications Arrival Communications is a competitive local exchange carrier (CLEC), providing voice and data services to underserved cities throughout California. The company offers a full suite of business products including, SDSL and T1 broadband Internet access and local, centrex, long-distance, toll free, voice mail, and teleconferencing voice services. Founded by a group of individuals with extensive experience in the telecommunications industry, the privately held company based in Bakersfield, California utilizes a highly trained, direct sales force to proactively design cost-effective voice and data solutions for small to medium sized companies. Voice over DSL and other advanced technologies allow Arrival to deliver business telecommunications services at costs well below the traditional telephone company. For more information, visit www.arrival.com. About VeriSign VeriSign, Inc. is the leading provider of digital trust services that enable everyone, everywhere to engage in
ECHELON news
from NewsScan. NSA UPGRADES SOFTWARE FOR MONITORING INTERNET CHATTER The National Security Agency has signed a $282-million contract with Science Applications International Corp. in San Diego for new software designed to improve the Agency's abilities to sort through millions of electronic communications sent worldwide. Richard A. Best of the Congressional Research Service explains, There's a ton more communications out there, and how to sift through that is an increasing problem for the NSA, for which it offers profound 'needle-in-a-haystack' challenges. (AP/San Jose Mercury News 30 Sep 2002) http://www.siliconvalley.com/mld/siliconvalley/4186846.htm -- ((Udhay Shankar N)) ((udhay @ pobox.com)) ((www.digeratus.com)) - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Optical analog computing?
At 01:30 AM 10/2/2002 -0400, John S. Denker wrote: R. A. Hettinga wrote: ... the first computer to crack enigma was optical 1) Bletchley Park used optical sensors, which were (and still are) the best way to read paper tape at high speed. You can read about it in the standard accounts, e.g. http://www.picotech.com/applications/colossus.html But Colossus was not for Enigma. The bombes used for Enigma were electro-mechanical. I'm not aware of any application of optical techniques to Enigma, unless they were done in the US and are still classified. And clearly, the first bulk breaks of Enigma were done by the bombes, so I guess it depends whether you count bombes as computers or not, whether this statement has any credibility at all. Greg. Williams/Zenon 2004 campaign page: http://www.ben4prez.org Greg Rose INTERNET: [EMAIL PROTECTED] Qualcomm Australia VOICE: +61-2-9817 4188 FAX: +61-2-9817 5199 Level 3, 230 Victoria Road,http://people.qualcomm.com/ggr/ Gladesville NSW 2111232B EC8F 44C6 C853 D68F E107 E6BF CD2F 1081 A37C - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: What email encryption is actually in use?
Matthew Byng-Maddick wrote: | On Wed, Oct 02, 2002 at 10:04:03AM -0500, Jeremey Barrett wrote: | |BTW, most and probably all of the major mail clients out there will do |STARTTLS *for SMTP*. It's a matter of servers offering it and clients |being configured to actually use it. It'd be nice if they always used it |if it's available, but right now I think they all require being told to. | | | I have to say that much as it is a laudable goal to get widespread | encryption on the SMTP server network, I'm rapidly coming to the conclusion | that opportunistic encryption in this way doesn't really work. Consider | where one side believes that it will only accept certificates signed by a | particular CA (a perfectly plausible scenario in the case of SSL/TLS), and | I hand it a self-signed one - this is not communicable before the connection | starts up, and in-protocol, a failure to apply policy causes the connection | to be shut down (this is by no means the only one, consider one side that | only use DES and the other that never use it), leaving the connection in an | undefined state. | Opportunistic SSL/TLS will only work if people configuring it are of the mind that it's better to encrypt than not. No public SMTP server should require valid certificates or give any more trust over SSL than they do over not-SSL. This way, the links get encrypted. Anything else (on public SMTP servers) is misconfiguration. Now you could *add* trust, as appropriate, if you do see certs (or whatever) that you like, but it's always better to encrypt than not, even if no additional trust is gained. Jeremey. -- Jeremey Barrett [[EMAIL PROTECTED]]Key: http://rot26.com/gpg.asc GnuPG fingerprint: 716E C811 C6D9 2B31 685D 008F F715 EB88 52F6 3860 - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: What email encryption is actually in use?
In message [EMAIL PROTECTED], John Saylor writes: Hi ( 02.10.02 12:50 -0500 ) Jeremey Barrett: but it's always better to encrypt than not, even if no additional trust is gained. While I generally am on board with this, I can see a situation where the encryption overhead [and complexity] may be excessive [underpowered mail servers administered by beginners] compared to the gains. The primary use of STARTLS for SMTP is for mail *submission*, not relaying. That is, when clients (like Eudora) generate mail, they submit it to an ISP or organizational SMTP server. If this server is accessible from the Internet, it should require some sort of authentication, to avoid becoming an open spam relay. This is sometimes done by a password over a TLS-protected session. In other words, this isn't opportunistic encryption, and doesn't run into the problem of random smtp server has a self-signed cert. The client should be configured to know what cert to expect. --Steve Bellovin, http://www.research.att.com/~smb (me) http://www.wilyhacker.com (Firewalls book) - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Optical analog computing?
In message [EMAIL PROTECTED], Greg Rose writes : At 01:30 AM 10/2/2002 -0400, John S. Denker wrote: R. A. Hettinga wrote: ... the first computer to crack enigma was optical 1) Bletchley Park used optical sensors, which were (and still are) the best way to read paper tape at high speed. You can read about it in the standard accounts, e.g. http://www.picotech.com/applications/colossus.html But Colossus was not for Enigma. The bombes used for Enigma were electro-mechanical. I'm not aware of any application of optical techniques to Enigma, unless they were done in the US and are still classified. And clearly, the first bulk breaks of Enigma were done by the bombes, so I guess it depends whether you count bombes as computers or not, whether this statement has any credibility at all. If memory serves (my references are at home), the Bletchley Park crew used holes punch in large grids. They'd overlap many sheets and see where the light made it through; that would be a good key (or candidate key). I don't know if you'd call that a computer, but it was an interesting optical device. I'm sure there have been many later applications of similar principles -- see Shamir's TWINKLE, for example, which relied on detecting aggregate brightness over many LEDs. --Steve Bellovin, http://www.research.att.com/~smb (me) http://www.wilyhacker.com (Firewalls book) - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: What email encryption is actually in use?
On Wed, Oct 02, 2002 at 02:56:39PM -0400, Steven M. Bellovin wrote: | While I generally am on board with this, I can see a situation where the | encryption overhead [and complexity] may be excessive [underpowered mail | servers administered by beginners] compared to the gains. | | The primary use of STARTLS for SMTP is for mail *submission*, not | relaying. That is, when clients (like Eudora) generate mail, they | submit it to an ISP or organizational SMTP server. If this server is | accessible from the Internet, it should require some sort of | authentication, to avoid becoming an open spam relay. This is | sometimes done by a password over a TLS-protected session. | | In other words, this isn't opportunistic encryption, and doesn't run | into the problem of random smtp server has a self-signed cert. The | client should be configured to know what cert to expect. Its seemingly easy to configure postfix to opportunisticly encrypt email. That may not be its primary use, and many of the pages describing how to set things up miss this, but In main.cf: smtp_use_tls = yes smtp_tls_note_starttls_offer = yes results in this is my mail headers saying: Received: from thetis.deor.org (thetis.deor.org [207.106.86.210]) (using TLSv1 with cipher EDH-RSA-DES-CBC3-SHA (168/168 bits)) (No client certificate requested) by H203.C220.tor.velocet.net (Postfix) with ESMTP id CC7593008F for adam Opportunisticly. The other guy accepts my cert at random. We're totally vulnerable to MITM. (Lucky points out in another thread that it would be great to have cert persistance, which can maybe be emulated by putting a really big number in the timeout: smtpd_tls_session_cache_timeout = 3600s He's right. But I'm not letting the best be the enemy of the good.) Adam -- It is seldom that liberty of any kind is lost all at once. -Hume - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: What email encryption is actually in use?
Matthew Byng-Maddick wrote: On Wed, Oct 02, 2002 at 10:04:03AM -0500, Jeremey Barrett wrote: BTW, most and probably all of the major mail clients out there will do STARTTLS *for SMTP*. It's a matter of servers offering it and clients being configured to actually use it. It'd be nice if they always used it if it's available, but right now I think they all require being told to. I have to say that much as it is a laudable goal to get widespread encryption on the SMTP server network, I'm rapidly coming to the conclusion that opportunistic encryption in this way doesn't really work. Consider where one side believes that it will only accept certificates signed by a particular CA (a perfectly plausible scenario in the case of SSL/TLS), and I hand it a self-signed one - this is not communicable before the connection starts up, and in-protocol, a failure to apply policy causes the connection to be shut down (this is by no means the only one, consider one side that only use DES and the other that never use it), leaving the connection in an undefined state. The problem with this is obvious. You have to treat the failure as a temporary failure and try again in a bit. Of course, we know that the only way you're going to send this system mail is by sending it in plaintext, because otherwise you won't adhere to policy, but also, given that it's an automated service, there's no human to turn round and try something slightly different, as there is in the case of the Web Browser or mail client talking SSL. I remain to be convinced on the value of opportunistic encryption. In my mind it doesn't, apparently, do anything useful. Of course, properly configured SSL, I'd agree with, but that means advertising what you're going to talk in some way that means you won't get half way through the protocol and leave it in an undefined state. If you are going to do opportunistic encryption, then you have to be prepared to be opportunistic. Clearly, configuring your server so it can't encrypt opportunistically is a barrier to opportunistic encryption. It isn't hard to set up SSL so it will interoperate with everything (this is why there are mandatory ciphersuites). Cheers, Ben. -- http://www.apache-ssl.org/ben.html http://www.thebunker.net/ There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit. - Robert Woodruff - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Gaelic Code Talkers
While vacationing in Scotland this summer I had a conversation with a gentleman who said that the British had used Scottish Gaelic speakers as code talkers during World War II. He added that they were not used in the European theatre, as there were too many Irish Gaelic speakers who sympathized with the Axis. A quick glance at Kahn didn't turn up an information on these code talkers. Has anyone else heard anything about it? Cheers - Bill - Bill Frantz | The principal effect of| Periwinkle -- Consulting (408)356-8506 | DMCA/SDMI is to prevent| 16345 Englewood Ave. [EMAIL PROTECTED] | fair use. | Los Gatos, CA 95032, USA - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Optical analog computing?
At 11:25 PM 10/1/02 -0400, R. A. Hettinga wrote: I'm at a speech by Terry Essex, CTO of Essex Corp. He worked on optical computing at the NSA for a long time. the first computer to crack enigma was optical In one of the historical books about crypto, there's a method described involving punching hollerith cards, stacking them, and looking through the stack for shared holes. That would be a parallel optical NAND gate. (And Java compatible if you wipe up fast enough.) - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: What email encryption is actually in use?
Steven M. Bellovin [EMAIL PROTECTED] writes: While I generally am on board with this, I can see a situation where the encryption overhead [and complexity] may be excessive [underpowered mail servers administered by beginners] compared to the gains. The primary use of STARTLS for SMTP is for mail *submission*, not relaying. While it may was designed for submission, STARTTLS use in relaying probably transports more mail -- looking at the past month, of the 82000 mail I received close to 11000 was delivered in encrypted streams. 7% is quite nice... I wonder how that compares with the use of OpenPGP or S/MIME in mail. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: What email encryption is actually in use?
On Wed, 2 Oct 2002, Jeremey Barrett wrote: BTW, most and probably all of the major mail clients out there will do STARTTLS *for SMTP*. It's a matter of servers offering it and clients being configured to actually use it. It'd be nice if they always used it if it's available, but right now I think they all require being told to. Specifically, Mozilla, Outlook, Outlook Express, Netscape (all the way back to 4.7x at least), Evolution, and Eudora all support STARTTLS (again, for SMTP). I imagine there are others that do as well. Amusingly, virtually none of them support STARTLS on any other protocol. :) IMAP and POP are almost all supported only on dedicated SSL ports (IMAPS, POP3S). Argh. Pine and UW imapd both support STARTTLS for all relevant protocols (SMTP/IMAP/POP/LDAP client for Pine, IMAP/POP server for imapd). They also support Kerberos authentication and datastream encryption for all these protocols. Evolution does? I tried out the Evolution 1.0.3 that comes with my RedHat 7.3 distribution, and it appeared not to support STARTTLS for IMAP or SMTP. When I told it to use secure connection (SSL) for SMTP it tried to connect to port 465 (the deprecated smtps port) and failed. - RL Bob - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: What email encryption is actually in use?
At 09:05 AM 10/01/2002 -0700, Major Variola (ret) wrote: So yes Alice at ABC.COM sends mail to Bob at XYZ.COM and the SMTP link is encrypted, so the bored upstream-ISP netops can't learn anything besides traffic analysis. But once inside XYZ.COM, many unauthorized folks could intercept Bob's email. Access Control is sorely lacking folks. I'm running Win2000 in You're Not The Administrator mode. Since somebody else is root and I'm not, the fact that my network admins could eavesdrop on my link traffic isn't a big deal, especially when they set up my PC's software. And if I do pretend to trust my machine against some insiders, I can use SSH, SSL, and PGP to reduce risks from others... Also, STARTTLS can reduce eavesdropping at Alice's ABC.COM. If your organization is an ISP, the risks are letting them handle your email at all (especially with currently proposed mandatory eavesdropping laws), and STARTTLS provides a mechanism for direct delivery that isn't as likely to be blocked by anti-spamming restrictions on port 25. Now to get some email *clients* using it. On the other hand, if your recipient is at a big corporation, they're highly likely to be using a big shared MS Exchange server, or some standards-based equivalent, so the game's over on that end before you even start. Take the STARTTLS and run with it... Link encryption is a good idea, but rarely sufficient. Defense in depth is important for real security. STARTTLS can be a link-encryption solution, but it can also be part of a layered solution, and if you don't bother with end-to-end, it's a really good start, and isolates your risks. It also offers you some possibility of doing certificate management to reduce the risk of man-in-the-middle attacks from outside your organization, and does reduce some traffic analysis. at Tuesday, October 01, 2002 3:08 AM, Peter Gutmann [EMAIL PROTECTED] was seen to say: For encryption, STARTTLS, which protects more mail than all other email encryption technology combined. If your goal is to encrypt 20% of the net by Christmas, STARTTLS will get a lot closer to that than a perfect system. Similarly, IPSEC using the shared key open secret would have been a much-faster-deployed form of opportunistic encryption than the FreeSWAN project's more complex form that wants some control over DNS that most users don't have. In the absence of a real Public Key Infrastructure, neither is totally man-in-the-middle-proof, so if the Feds are targeting *you* it's clearly not enough, but reducing mass-quantity fishing expeditions increases our security and reduces the Echelon potential - especially if 90% of the encrypted material is routine corporate email, mailing lists, Usenet drivel, etc. At 01:20 PM 10/1/02 +0100, David Howe wrote: I would dispute that - not that it isn't used and useful, but unless you are handing off directly to the home machine of the end user (or his direct spool) odds are good that the packet will be sent unencrypted somewhere along its journey. with TLS you are basically protecting a single link of a transmission chain, with no control over the rest of the chain. You can protect most of the path if your firewalls don't interfere, and more if your recipients' don't. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: What email encryption is actually in use?
At 10:04 AM 10/2/02 -0500, Jeremey Barrett wrote: Specifically, Mozilla, Outlook, Outlook Express, Netscape (all the way back to 4.7x at least), Evolution, and Eudora all support STARTTLS (again, for SMTP). I imagine there are others that do as well. Amusingly, virtually none of them support STARTLS on any other protocol. :) IMAP and POP are almost all supported only on dedicated SSL ports (IMAPS, POP3S). Argh. I use Eudora, as I'm very comfortable with it (so comfortable, in fact, that it's my primary reason for booting Windows at all.) The version I use, 5.1, *does* support STARTTLS for POP over both the regular port 110 as well as alternate ports, as well as user-defined ports. It needs some tweaking, but the capability exists. I don't know about IMAP, as I don't use IMAP to get my mail. Udhay -- ((Udhay Shankar N)) ((udhay @ pobox.com)) ((www.digeratus.com)) - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: What email encryption is actually in use?
Udhay Shankar N wrote: | At 10:04 AM 10/2/02 -0500, Jeremey Barrett wrote: | | Amusingly, virtually none of them support STARTLS on any other protocol. | :) IMAP and POP are almost all supported only on dedicated SSL ports | (IMAPS, POP3S). Argh. | | I use Eudora, as I'm very comfortable with it (so comfortable, in fact, | that it's my primary reason for booting Windows at all.) | | The version I use, 5.1, *does* support STARTTLS for POP over both the | regular port 110 as well as alternate ports, as well as user-defined | ports. It needs some tweaking, but the capability exists. | | I don't know about IMAP, as I don't use IMAP to get my mail. | Yes, Eudora is the exception. It supports both STARTTLS and dedicated SSL ports for all mail protocols (it even does SMTPS I think). Jeremey. -- Jeremey Barrett [[EMAIL PROTECTED]]Key: http://rot26.com/gpg.asc GnuPG fingerprint: 716E C811 C6D9 2B31 685D 008F F715 EB88 52F6 3860 - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: What email encryption is actually in use?
--On Wednesday, 02 October, 2002 10:54 -0500 Jeremey Barrett [EMAIL PROTECTED] wrote: Udhay Shankar N wrote: | At 10:04 AM 10/2/02 -0500, Jeremey Barrett wrote: | | Amusingly, virtually none of them support STARTLS on any other protocol. | :) IMAP and POP are almost all supported only on dedicated SSL ports | (IMAPS, POP3S). Argh. | | I use Eudora, as I'm very comfortable with it (so comfortable, in fact, | that it's my primary reason for booting Windows at all.) | | The version I use, 5.1, *does* support STARTTLS for POP over both the | regular port 110 as well as alternate ports, as well as user-defined | ports. It needs some tweaking, but the capability exists. | | I don't know about IMAP, as I don't use IMAP to get my mail. | Yes, Eudora is the exception. It supports both STARTTLS and dedicated SSL ports for all mail protocols (it even does SMTPS I think). it isn't the only exception: i use mulberry with IMAP, and it supports STARTTLS for both IMAP and SMTP over the normal ports; haven't tried POP3, although it looks like it should work. and this seems to work for mulberry on linux, macs and windows. -paul - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]