On 11.02.18 20:26, Harald Koch wrote:
Is this change in long-standing opinion of the IETF only because existing implementations so often ignore STARTTLS, or is there actually a security issue with STARTTLS (instead of implicit TLS)?
I guess it's about firewalls - you can run service without TLS on 587 unnoticed (e.g. autnentication accepted without it). you can't on 465 (implicit TLS fails) -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. "To Boot or not to Boot, that's the question." [WD1270 Caviar]