Hi Marek, On Wed, 16 May 2007 21:01:35 +0200 UTC (5/16/2007, 2:01 PM -0500 UTC my time), Marek Mikus wrote:
>> B and D only allows me to send and receive packets securely. Since I still >> can into the server by authentication using A and C, what difference does it >> make? >> Answer: NONE M> so do You understand what is difference between authentication and M> security, or not? M> Seems not. no, not at all. I just make my living at it. You? M> BTW if B and D allows You secure packets *only*, why You need it? ding, ding, ding. We have a winner here...... the answer is........ You don't need it! and ...... since you do not need it to get(POP) or see (IMAP) your mail on the server, which can only be done with authentication in the first place, the choice for accepting a cert should be left with the user! POPS and IMAPS are there as a courtesy or benefit, or feature for those that wish to use it, knowing that in the remote case of anyone sniffing the wire, they could not see the data packet streams. I have built many POP/IMAP servers where the customer just wants to utilize the standard port 110/143, and many who want both. Personally, I always suggest using asymmetric encryption for email if it is important or has sensitive personal or business info, e.g. GPG/PGP, even symmetric encryption is okay. -- Gary ________________________________________________________ Current beta is 3.99.06 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html
