--Boundary-02=_bqx7+0h97GCxI+Z Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Description: signed data Content-Disposition: inline
On Tuesday 17 June 2003 07:08 am, Craig Jackson wrote: > -ray wrote: > [onitted] > > > Use GPG if you want true end-to-end mail encryption. > > Not really true. The primary reason for TLS is authentication encrytion, > IMHO. Downloading pop3 mail from Cox transmits clear text username and > password. That leaves mail open to reading by anyone sniffing about. > It's true that GPG encrypts the message, but who encrypts all their > messages? A cracked account is still ripe for malicious deletion of > email. I agree that Cox should support TLS. HUH? we're talking about SMTP. outbound mail. blocked port 25. There is=20 NOTHING preventing you from retrieving mail from another location. I have=20 never used a cox provided mailbox. and if you can use some method to prote= ct=20 that normally in-the-clear transaction, the more's the better. TLS on 25=20 does not provide anything resembling authentication. Now you're talking abo= ut=20 SMTP auth which makes no sense for Cox to even implement. No passwords are= =20 transmitted in an smtp transaction unless you're using SMTP auth. =20 It is entirely possibly that Cox does support SSL/TLS on their POP3 server.= =20 I've never checked. They user Intermail on pop.east.cox.net which a=20 preliminary google hunts shows does support the capability -- it's a matter= =20 of whether or not cox has implemented it. =2D-=20 Scott Harney <[EMAIL PROTECTED]> "...and one script to rule them all." gpg key fingerprint=3D7125 0BD3 8EC4 08D7 321D CEE9 F024 7DA6 0BC7 94E5 --Boundary-02=_bqx7+0h97GCxI+Z Content-Type: application/pgp-signature Content-Description: signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) iD8DBQA+7xqb8CR9pgvHlOURAk6eAJ4rob9TmfztJZnvqxXmP14Qn23YKACcCqPz e52rI2bEOi0YaONPPIYHAWc= =I47W -----END PGP SIGNATURE----- --Boundary-02=_bqx7+0h97GCxI+Z--
