Lee, Just got home and have not yet digested your knowledge but I had to say a heartfelt thanks, my you are so kind and so good at having the answers to the difficult ones.
John On Mar 2, 2010, at 9:16 PM, Lee Larson wrote: > On Mar 2, 2010, at 11:47 AM, John Robinson wrote: > >> What is the difference between a POP and a POPs? I guess the "s" stands for >> secure but how do you get to that, by using an ISP that allows for SSL? > > Regular POP sends everything, including passwords, across the Net in clear > text. POPs encrypts everything. The 's' stands for 'secure'. > >> A couple things here. If the little "lock" is grayed, but still shows the >> certificate to be viewed is it safe? Possibly the lock icon is never dark? >> In the WiFI spots and you are indeed on an encrypted connection does that >> mean what you type is sent in a packet that is garbled (encrypted) until it >> gets to their site and then it is unscrambled? On our end, what do we have >> to do in order to be sure we are sending encrypted, use and ISP that allows >> SSL? > > At least in Safari, if the lock is there, then all traffic between your > computer and the server computer on the other end is encrypted. This means > it's nearly impossible for any 'man in the middle' to eavesdrop on your > traffic. If the lock isn't there, then the traffic is clear text and any man > in the middle can read it. > > You have to do nothing to take advantage of a secure connection. If the site > you're visiting sends a security certificate to your browser, then your > browser and the site's server will do all the work in setting up the > encryption. > > Your ISP has nothing to do with you talking to an encrypted Web page. The ISP > is nothing more than a conduit carrying bytes back and forth. All encryption > and decryption occurs at the endpoints. > >> Aye.net does NOT use SSL, but Insight does so sending an email I would need >> to use the insight address rather than aye.net, but when I am in a coffee >> shop and jumping on their service I don't know if is secure (SSL)? How do >> you know since you have your system set to Insight's specifications yet you >> are using another ISP? I am confused on this as you can tell. > > The way it works is this. > > If somebody running a Web page wants to run a secure Web page, then they > obtain a security certificate, usually from one of the certificate > authorities like Verisign or GoDaddy. They add this security certificate to > their server. When you contact their page, the server sends out the public > part of the certificate and your browser uses this to set up secure > communication. Your ISP has nothing to do with it, unless they happen to own > the Web page. > > Insight's Web mail is a secure site. > >> So I guess you are using MobileMe for your mail service, and encrypting with >> the SSL, the same that Insight does. I can start using either of these as I >> have both but I am still confused as to how that is secure if I am writing >> my daughter and she is on a service that does not have SSL. I guess it >> would be secure leaving my machine in the coffee shop and getting to the >> servers at Insight or Apple, but then going from them to her ISP it would >> NOT be encrypted if her company didn't support SSL? > > Many email providers support IMAPs. MobileMe and Google are among them. > Insight does not support IMAPs because I don’t think Insight has any form of > IMAP support. That's the main reason I don’t use Insight's mail, even though > I have a cable broadband connection. (I don’t much like Web mail.) > > With my family and several of my friends, I go one step more toward privacy; > I encrypt the email before it leaves my computer. Most modern email clients > support an encryption method called S/MIME. If you and the person with whom > you're corresponding have gone to the trouble of getting special S/MIME > certificates, then all the mail between the two of you is automatically > securely encrypted. > > I also use the S/MIME certificate to sign my email, which you may have > noticed, if you use Apple's mail, because it tells you the message is signed. > Nobody can effectively impersonate me via email. > > There are many ways to maintain some privacy and security on the Web with > simple encryption. If more of us took the time to learn how to do it, much of > the spam problem would go away. > > > > > > _______________________________________________ > MacGroup mailing list > [email protected] > http://www.math.louisville.edu/mailman/listinfo/macgroup
_______________________________________________ MacGroup mailing list [email protected] http://www.math.louisville.edu/mailman/listinfo/macgroup
