On Thu, 28 Nov 2002, Arnt Gulbrandsen wrote: >Andreas Aardal Hanssen writes: >> I'd rather turn the ball(?) around, and ask - why can't the localhost >> client use TLS or SSL like everyone else? I guess the obvious >> argument is that it wastes cycles and does not provide more security. >The client on localhost may be something like "stunnel -r 143" or an ssh >tunnel. >--Arnt
If the current protocol says that the client should either use TLS or SSL, then I suppose connecting to it through "stunnel" makes the connection to the IMAP server a plain-text connection. The IMAP server has to support SSL or TLS, so stunnel should not be necessary. Now - if the server decides that its SSL support is _exactly_ to advise the client to set up stunnel and add a configuration switch that allows plain text connections, then that's a decision the server designer has made and must stand for, and it has nothing to do with the protocol. Andy -- Andreas Aardal Hanssen
