Kirill Ponazdyr <[EMAIL PROTECTED]> 2006-09-16: > > The subject says it all: do you know which providers support TLS > > (the technology formerly known as SSL) for SMTP, POP and/or IMAP for > > their residential or small-office dialup/broadband customers? > > TLS for SMTP makes no sence since this will only protect your message > enroute from your machine to SMTP server but after that it is all open > again.
Of course TLS does not offer end to end security like S/MIME and PGP do, but still there are plenty of reasons for supporting TLS: * Protection of SMTP AUTH credentials, especially when using insecure auth methods * TLS between MTAs requires no action on behalf of end users and still offers additional protection compared to no TLS, while TLS between MUA and MSA/MTA is still a lot easier to set up for customers than S/MIME or PGP * Given todays many open or insecure wireless networks, TLS on the first hop (MUA <-> MSA/MTA) helps to better protect messages when they are most vulnerable -- it seems to be considerably more difficult for third parties to read messages in transit between MTAs than to read messages on the first (or last) hop on wifi or shared / public access networks * TLS protects the RFC 2822 headers and RFC 2821 envelope too, which S/MIME and PGP cannot -- Daniel Roethlisberger <[EMAIL PROTECTED]> _______________________________________________ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
