Hello Gary, Wednesday, May 16, 2007, 21:46:34, you wrote:
>>B and D only allows me to send and receive packets securely. Since I still >>can into the server by authentication using A and C, what difference does it >>make? >> Answer: NONE Confidentiality, integrity and availability as the fundamental security characteristics of information. http://en.wikipedia.org/wiki/CIA_Triad http://en.wikipedia.org/wiki/Information_security#Confidentiality.2C_integrity.2C_availability TLS assures confidentiality and integrity of the information. Confidentiality means that nobody in transit (that has access to the data channel) can read your messages while your are retrieving them via TLS. Integrity in email means that nobody in transit can alter your messages, i.e. modify the contents of the messages, inject false messages, remove legitimate messages, etc. while your are retriving them via TLS. So I do not agree that there is no difference between BD and AC. If you are using TLS with expired or otherwise invalid certificates, this means that there is no actually TLS and confidentiality and integrity is no longer assuered, so the malicious person that has access to data channel can read and/or modify the messages while you are retrieving them. -- Best regards, Maxim Masiutin mailto:[EMAIL PROTECTED] ________________________________________________________ Current beta is 3.99.06 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html