Hey,

* micah <[email protected]> [28/07/2015 21:21:56] wrote:
> I don't understand why both XMPP and SMTP decided to go the route of
> deprecating tls-wrapped options and instead only do STARTTLS. This seems
> like a wrong approach.
>
> Even though 465 was deprecated by the IANA a long time ago, it's still
> widely used for wrapped TLS. In fact, I use it for that purpose because
> I don't want to support a downgrade attack STARTTLS option.

Not sure either. I guess this was en vogue a while ago. The problem is I don't want to recommend an officially deprecated port. Ideally we'd speak TLS over 587 or something like that.

In-band protocol upgrades (especially for security purposes) have to seem like a strange choice for anyone that has spent some time reading up on network protocol security.

BTW: keep up the excellent work with rise-up ;)

Aaron
_______________________________________________ Ach mailing list [email protected] http://lists.cert.at/cgi-bin/mailman/listinfo/ach
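
Added example, not part of the original thread: a sketch of the client-side decision behind the STARTTLS downgrade concern discussed above, showing how an opportunistic client and a strict client react when the STARTTLS capability is missing from the EHLO reply. The EHLO replies are constructed sample data, and the function names and the `require_tls` parameter are hypothetical.

```python
import re

# Constructed EHLO replies on a cleartext submission port (sample data, not captured traffic).
EHLO_INTACT = "250-mail.example.org\r\n250-SIZE 52428800\r\n250-STARTTLS\r\n250 8BITMIME\r\n"
# The same reply as a client sees it when the STARTTLS line was removed in transit.
EHLO_STRIPPED = "250-mail.example.org\r\n250-SIZE 52428800\r\n250 8BITMIME\r\n"

REPLY_LINE = re.compile(r"^(\d{3})([ -])(.*)$")


def ehlo_capabilities(reply):
    """Parse a multi-line EHLO reply into a set of upper-cased extension keywords."""
    lines = reply.split("\r\n")
    if lines[-1] == "":
        lines.pop()
    if not lines:
        raise ValueError("empty reply")
    caps = set()
    for index, line in enumerate(lines):
        match = REPLY_LINE.match(line)
        if match is None:
            raise ValueError("malformed reply line: %r" % line)
        code, sep, text = match.groups()
        last = index == len(lines) - 1
        # "250-" marks a continuation line, "250 " the final line of the reply.
        if code != "250" or (sep == " ") != last:
            raise ValueError("unexpected reply line: %r" % line)
        if index > 0 and text:  # line 0 carries the server greeting, not an extension
            caps.add(text.split()[0].upper())
    return caps


def next_step(reply, require_tls):
    """Decide what a submission client does after EHLO on a cleartext port.

    Returns "STARTTLS", "PLAINTEXT" (opportunistic client, silently downgraded)
    or "ABORT" (strict client refuses to send credentials or mail in the clear).
    """
    if "STARTTLS" in ehlo_capabilities(reply):
        return "STARTTLS"
    return "ABORT" if require_tls else "PLAINTEXT"
```

With TLS-wrapped submission the handshake completes before any SMTP line is exchanged, so there is no cleartext capability list for this decision to depend on.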
