On 2011-02-28 16:05, Joe Btfsplk wrote:
> On 02/28/2011 03:30 PM, Robert Ransom wrote:
>>>
>>> Connections to the plaintext POP3 and IMAP ports may be secured using
>>> the STARTTLS command.
>>
> Where would the "STARTTLS" command be used?
> Would it be a permanent change to some config file (until changed back)
> or used manually on each start?

Joe,

This article is a good intro to how the STARTTLS command would be used:
http://en.wikipedia.org/wiki/STARTTLS

In short, the client sends the STARTTLS command to the server to indicate a desire to use TLS encryption for the connection. STARTTLS is most widely used with SMTP, POP, and IMAP.

The genesis of the STARTTLS command was a realization that the earlier approaches to adding TLS security to existing TCP protocol-based services suffered from a systemic flaw: "wrapping" the connection in TLS and offering the "wrapped" service on a different port in effect required doubling the number of assigned ports. One port for the cleartext version, one port for the TLS version.

(This turned out to be less of a problem in practice than anticipated at the time of the creation of the STARTTLS command, as the growth of encryption was paralleled by a reduction in ports on which many hosts connected to the Internet may transmit packets due to ISP level filtering and the rise of NAT. But that's a discussion for a different mailing list).

--Lucky
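
The upgrade step described in the message above, as an added example that is not part of the original thread: a mail client issues the command itself on each connection, after reading the server's capability listing, and should refuse to log in when the upgrade is not offered. The server replies, host name, IMAP tags and all function names here are constructed assumptions for illustration.

```python
# Added illustration; every transcript below is a constructed sample.
# protocol -> (capability token the server lists, command the client sends)
UPGRADE = {
    "smtp": ("STARTTLS", "STARTTLS"),
    "imap": ("STARTTLS", "a002 STARTTLS"),
    "pop3": ("STLS", "STLS"),  # RFC 2595 spells the POP3 command STLS
}
SAMPLES = {  # constructed server capability replies
    "smtp": ["250-mail.example.org", "250-SIZE 10240000", "250 STARTTLS"],
    "imap": ["* CAPABILITY IMAP4rev1 STARTTLS LOGINDISABLED", "a001 OK done"],
    "pop3": ["+OK capability list follows", "USER", "STLS", "."],
}
STRIPPED_POP3 = ["+OK capability list follows", "USER", "."]  # no STLS line


class TLSNotOffered(Exception):
    """The server did not advertise the upgrade; send no credentials."""


def advertised(protocol, lines):
    """Return the upper-cased capability tokens found in a server reply."""
    tokens = set()
    for line in (l.strip() for l in lines):
        parts = line.split()
        if protocol == "smtp" and line[:3] == "250" and len(line) > 4:
            tokens.add(line[4:].split()[0].upper())  # "250-STARTTLS"
        elif protocol == "imap" and parts[:2] == ["*", "CAPABILITY"]:
            tokens.update(p.upper() for p in parts[2:])
        elif protocol == "pop3" and parts and line != "." \
                and not line.startswith("+OK"):
            tokens.add(parts[0].upper())  # one capability per line
    return tokens


def next_command(protocol, lines):
    """Command to send before any login; raise if the upgrade is absent."""
    token, command = UPGRADE[protocol]
    if token not in advertised(protocol, lines):
        raise TLSNotOffered(f"{protocol}: {token} not advertised")
    return command


if __name__ == "__main__":
    for proto, reply in SAMPLES.items():
        print(proto, "->", next_command(proto, reply))
    try:
        next_command("pop3", STRIPPED_POP3)
    except TLSNotOffered as exc:
        print("refusing plaintext login:", exc)
```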
