IMAP uses SSL even when not requested
Hi, I'm connecting to a server that supports both imap and imaps, and even though I'm setting mutt to connect via imap, it asks me about the certificate and then seems to connect with SSL anyway. Is this a feature, or is something mixed up on my end? If it's a feature, I don't think it's a good one. Please cc me, since I'm not on the list. Thanks, Jeremy
Re: IMAP uses SSL even when not requested
At 23:25 -0700 03 Jun 2002, Jeremy Lin [EMAIL PROTECTED] wrote: I'm connecting to a server that supports both imap and imaps, and even though I'm setting mutt to connect via imap, it asks me about the certificate and then seems to connect with SSL anyway. Is this a feature, or is something mixed up on my end? If it's a feature, I don't think it's a good one. This is a feature, and I suspect that you'd be in a minority for thinking that having security is a bad thing. Also, this feature is needed for connecting securely to servers that don't accept connections on the imaps port, but instead support the STARTTLS extension on the normal imap port. You can likely disable this feature with set ssl_starttls=no. -- Aaron Schrab [EMAIL PROTECTED] http://www.schrab.com/aaron/ ... who knows how many AI projects are reading slashdot these days? -- Larry Wall http://www.perl.com/pub/1999/08/onion/talk1.html
Re: IMAP uses SSL even when not requested
* On 2002.06.04, in [EMAIL PROTECTED], * Aaron Schrab [EMAIL PROTECTED] wrote: At 23:25 -0700 03 Jun 2002, Jeremy Lin [EMAIL PROTECTED] wrote: I'm connecting to a server that supports both imap and imaps, and even though I'm setting mutt to connect via imap, it asks me about the certificate and then seems to connect with SSL anyway. Is this a feature, or is something mixed up on my end? If it's a feature, I don't think it's a good one. This is a feature, and I suspect that you'd be in a minority for thinking that having security is a bad thing. Also, this feature is I'm not sure about that. It depends on setting -- in some cases, I might really want to connect on a plaintext port and not negotiate TLS -- for example, if I'm testing my IMAP server, or debugging my client's SSL installation through contrapositive proof. :) needed for connecting securely to servers that don't accept connections on the imaps port, but instead support the STARTTLS extension on the normal imap port. You can likely disable this feature with set ssl_starttls=no. Yes, exactly -- it should never use SSL when told not to, but setting ssl_starttls is equivalent to telling mutt to use TLS when available. -- -D.[EMAIL PROTECTED]NSITUniversity of Chicago
Re: IMAP uses SSL even when not requested
On Tue, Jun 04, 2002 at 11:55:28AM -0500, David Champion wrote: needed for connecting securely to servers that don't accept connections on the imaps port, but instead support the STARTTLS extension on the normal imap port. You can likely disable this feature with set ssl_starttls=no. Yes, exactly -- it should never use SSL when told not to, but setting ssl_starttls is equivalent to telling mutt to use TLS when available. you mean it should always use SSL unless not told to, right? I still can't think of a single reason (aside from testing) that you will prefer the plaintext over SSL, by default. -- Dan Boger [EMAIL PROTECTED] msg28588/pgp0.pgp Description: PGP signature
Re: IMAP uses SSL even when not requested
* On 2002.06.04, in [EMAIL PROTECTED], * Dan Boger [EMAIL PROTECTED] wrote: On Tue, Jun 04, 2002 at 11:55:28AM -0500, David Champion wrote: needed for connecting securely to servers that don't accept connections on the imaps port, but instead support the STARTTLS extension on the normal imap port. You can likely disable this feature with set ssl_starttls=no. Yes, exactly -- it should never use SSL when told not to, but setting ssl_starttls is equivalent to telling mutt to use TLS when available. you mean it should always use SSL unless not told to, right? No, I don't care to stake an opinion on what the default should be. I only mean that it should never use SSL when instructed not to use SSL. I still can't think of a single reason (aside from testing) that you will prefer the plaintext over SSL, by default. I can, but I don't care to get into it. I've already lost too many precious days of my life to arguing about such trivialities as whether John Ashcroft knows that snake-oil salesmen and fraudulent junta commandos are offering me an ill-gained Nigerian fortunes and extensions to my manhood. -- -D.[EMAIL PROTECTED]NSITUniversity of Chicago
Re: IMAP uses SSL even when not requested
David, et al -- ...and then David Champion said... % ... % I still can't think of a single reason (aside from testing) that you % will prefer the plaintext over SSL, by default. % % I can, but I don't care to get into it. I've already lost too many % precious days of my life to arguing about such trivialities as whether % John Ashcroft knows that snake-oil salesmen and fraudulent junta % commandos are offering me an ill-gained Nigerian fortunes and extensions % to my manhood. Oh, come on. You have to admit that the MAKE P3N1S FAST pyramid scheme is beautiful in its simplicity, and colorful, too! % % -- % -D. [EMAIL PROTECTED]NSITUniversity of Chicago :-D -- David T-G * It's easier to fight for one's principles (play) [EMAIL PROTECTED] * than to live up to them. -- fortune cookie (work) [EMAIL PROTECTED] http://www.justpickone.org/davidtg/Shpx gur Pbzzhavpngvbaf Qrprapl Npg! msg28594/pgp0.pgp Description: PGP signature