Gary wrote: > v> treat it as an exam question: "what is the difference between security > v> and encryption?" > > A. I can log into any POP server that I am a registered user using the > standard port 110. I must authenticate to get into the server to get my > mail. > > B. I can log into any POPS server that I am a registered user using the > standard SSL pop port 995 . I must authenticate to get into the server. > > C. I can log into any IMAP server that I am a registered user using the > standard port 143. I must authenticate to get into the server. > > D. I can log into any IMAPS server that I am a registered user using the > standard TLS/SSL port 993. I must authenticate to get into the server. > > In the case of B and D, what is different from A and C. I still have to > authenticate to get into the server. > in cases B and D not only the server authenticates you, but you also authenticate the server - to be sure you're giving your information (including auth credentials in most cases) to the right entity.
in case of expired certs, this basically means the key might be hacked already (enough time passed since it was issued). > B and D only allows me to send and receive packets securely. encryptedly. it might be secure, but it might be not (with a hacked cert, for example). > Since I still > can into the server by authentication using A and C, what difference does it > make? > > Answer: NONE > exam failed. please come back next year. thank you. -- Signed, Vitalie. ________________________________________________________ Current beta is 3.99.06 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html
