[Dovecot] Protocol logging - TLS vs SSL

[Reindl Harald]

Am 26.02.2013 21:46, schrieb Charles Marcus:
> On 2013-02-26 3:22 PM, Reindl Harald <h.reindl at thelounge.net> wrote:
>> ah so enlighten us about the big difference you see and what in SSL is not "transport layer security"
>> http://msdn.microsoft.com/en-us/library/windows/desktop/aa380515%28v=vs.85%29.aspx TLS is a standard closely
>> related to SSL 3.0, and is sometimes referred to as "SSL 3.1" 
> 
> Reindl, you really need to learn how not to be such a total ass

you have no idea how i act if i want to be an ass

> How precisely do you equate 'not *exactly* the same', and there is a 'big difference'.
> Again, there *is* a technical difference, albeit minor:
> http://kb.iu.edu/data/anjv.html

not really

> Anyway, as usual, Timo is spot on... Thunderbird has the choice of 'SSL/TLS'

to show the ordinary user it is practically the same while STARTTLS
starts with a unencrypted connection to do a handshake

 and I imagine it is because TLS uses
> stronger encryption algorithms (which I just learned) that Dovecot uses it when given the choice.

bruahaha

TLS is practically the next SSL version after SSL 3.0
and internally SSL 3.x, in fact it is only a wording issue

> NONE
> SSL if available
> SSL Always
> TLS if available
> TLS Always
> 
> And I always choose (chose - from now on I'll choose TLS) 'SSL Always', so shouldn't these connections show 'SSL'
> instead of TLS, since I'm basically forcing my phone to SSL?

pfffffff

SSL if available: use port 993 if available, but you may use 143 unecnrypted
SSL Always:       use always port 993
TLS if available: use STARTLS on 143 if available, but if not use no encryption
TLS Always:       use always STARTTLS on 143


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 263 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20130226/e6525505/attachment.bin>