[Dovecot] SSL / TLS

Carlos Williams carloswill at gmail.com
Sat Jun 27 00:55:43 EEST 2009


On Fri, Jun 26, 2009 at 5:46 PM, Michael Orlitzky<michael at orlitzky.com> wrote:
> A typical "TLS" session will work as follows:
>
> 1  The client connects to the IMAP service on port 143, unencrypted.
> 2  The server announces that it speaks TLS.
> 3  The client says "Ok, let's talk encrypted."
> 4  Magic occurs, and the session becomes encrypted. This step is where
>   your "SSL" certificate is used.
> 5  The rest of the session is encrypted.

Thats a great and informative breakdown. I guess I just don't see a
benefit of using either over another.
It would appear that using SSL where the session is assumed before
established to be encrypted rather
than switching to encrypted just saves time. They both appear to do
the same thing. Obviously from what
I read, TLS is newer than SSL but sometimes thats not always a good
thing. I just don't know in this case.
Do you recommend I do one over the other? I don't really have a
requirement here at all yet so that being
said, I would rather someone who has better understand of this tell me
what they would do for a simple
Postfix / Dovecot install on a Linux server.

Any recommendations?


More information about the dovecot mailing list