[Dovecot] Protocol logging - TLS vs SSL
Reindl Harald
h.reindl at thelounge.net
Tue Feb 26 23:26:39 EET 2013
Am 26.02.2013 22:19, schrieb Charles Marcus:
> On 2013-02-26 3:59 PM, Ben Morrow <ben at morrow.me.uk> wrote:
>> At 3PM -0500 on 26/02/13 you (Charles Marcus) wrote:
>>> Now the only other question is, again already being contemplated by Timo
>>> apparently, why the config file uses SSL...
>> Why not?
>
> Because, as has been pointed out, TLS is the 'new', and SSL is the 'old'?
and you still do not understand that it is the same
>>> Timo, what I would suggest is allow the use of ssl in the config file
>>> for backwards compat, but change future versions to use TLS...
>
>> I would be against that idea.
>
> My turn... why?
because it is a useless change which makes
code complexer and more error proof
>>> And I always choose (chose - from now on I'll choose TLS) 'SSL Always',
>>> so shouldn't these connections show 'SSL' instead of TLS, since I'm
>>> basically forcing my phone to SSL?
>
>> I suspect the difference is that the 'SSL' options use imap-over-SSL on
>> port 993 while the 'TLS' options use STARTTLS over port 143.
>
> Don't know how you or Reindl came to that conclusion, because the ports are specified separately.
because if you would spend 10 seconds of
your time with a default tunderbird setup
you would see that STARTTLS is 143 and
TLS/SSL is 993 because the port switchs
with the dropdown change
> So, I can specify port 993, and TLS.
and if you specify STARTTLS on port 993 it would not work
also SSL/TLS without STARTTLS on 143 would not work
why?
because 143 is STARTTLS (google) and 993 is SSL
the same for SMTP
STARTTLS: 25 or 587 (submission)
SSL/TLS: 465 (deprecated and NOT STARTTLS)
> Well, you're obviously right about it being confusing, and that in and of itself is not a good thing...
> Oh well, whatever, it isn't that big a deal...
and that is why ANY touching of server source code is not worth
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 263 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20130226/d5d175ba/attachment.bin>
More information about the dovecot
mailing list