On Wed, 2007-11-14 at 12:29 -0600, Kyle Wheeler wrote: > On Wednesday, November 14 at 11:51 AM, quoth Ed W: > > Is TLS always performed BEFORE auth with generally available POP/IMAP > > clients? .. > Technically, there's nothing in the IMAP spec that forbids doing it > the other way around,
Actually there is :) STARTTLS is a valid command only in non-authenticated state.
signature.asc
Description: This is a digitally signed message part
