I personally would not use a phrase like 'opens an unencrypted TCP connection' ... perhaps 'new' or 'raw', but not 'unencrypted'. 'unencrypted' suggests that one could open an 'encrypted' connection, and a reader might start trying to figure out where that process is documented.
That said, it is easier to play editor than writer, kudos to Jakob for getting it started. On Thu, 25 Oct 2012, Jakob Bohm wrote: > On 10/23/2012 3:09 PM, thorso...@lavabit.com wrote: >>> The two are unrelated. You can use both, or neither. Most IMAP clients will >>> also let you choose, these days, whether to try to connect to port 993, or >>> to port 143 and check if the server supports STARTTLS. >> I thought that TLS is "the new version" of SSL that's why I decided to >> use it. It turned out that I really wanted SSL. Just to clarify, I'm >> going to use the following settings: > May I humbly suggest that at least the Courier documentation avoids the > misleading terminology used by some GUI clients, and reverts to the much > clearer names and phrases (depending on the amount of text allowed in > context): > > "IMAPS" or "IMAPS on port 993 (IMAP over SSL/TLS, called SSL in some GUIs)" > "STARTTLS" or "STARTTLS for IMAP on port 143 (IMAP with SSL/TLS on the fly, > called TLS in some GUIs)" > > Note to users (including thorsopia): STARTTLS provides exactly the same > encryption as IMAPS, but without using an extra port. > > With IMAPS, the client opens an unencrypted TCP connection to unencrypted > port number 993, then instantly begins the SSL/TLS encryption setup. > > With STARTTLS, the client opens an unencrypted TCP connection to > unencrypted port number 143, then sends an unencrypted "Hi, what kind of > IMAP are you?", gets the answer "I am an IMAP with STARTTLS", then sends > the command "STARTTLS", then begins the SSL/TLS encryption setup. > > After these slightly different ways of telling if the server can encrypt > the connection, the encryption and communication is exactly the same: > > 1. Set up the SSL/TLS encryption, optionally getting and validating a > client certificate in the process. > > 2. Ask (encrypted this time):"Hi, what kind of IMAP are you, really?". > > 3. Sending (encrypted) login commands that may involve passwords or > other techniques, such as referring to a client certificate from the > SSL/TLS handshake. > > 4. Doing all the mail access encrypted. > > Enjoy > > Jakob > -- > Jakob Bohm, CIO, Partner, WiseMo A/S. http://www.wisemo.com > Transformervej 29, 2730 Herlev, Denmark. Direct +45 31 13 16 10 > This public discussion message is non-binding and may contain errors. > WiseMo - Remote Service Management for PCs, Phones and Embedded > > > > ------------------------------------------------------------------------------ > Everyone hates slow websites. So do we. > Make your web apps faster with AppDynamics > Download AppDynamics Lite for free today: > http://p.sf.net/sfu/appdyn_sfd2d_oct > _______________________________________________ > Courier-imap mailing list > Courier-imap@lists.sourceforge.net > Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-imap > ---------------------------------------------------------------------- tbr...@baremetal.com | Courage is doing what you're afraid to do. http://BareMetal.com/ | There can be no courage unless you're scared. | - Eddie Rickenbacker ------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_sfd2d_oct _______________________________________________ Courier-imap mailing list Courier-imap@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-imap
