[Dovecot] Protocol logging - TLS vs SSL
Charles Marcus
CMarcus at Media-Brokers.com
Wed Feb 27 00:03:28 EET 2013
On 2013-02-26 4:26 PM, Reindl Harald <h.reindl at thelounge.net> wrote:
>
> Am 26.02.2013 22:19, schrieb Charles Marcus:
>> On 2013-02-26 3:59 PM, Ben Morrow <ben at morrow.me.uk> wrote:
>>> At 3PM -0500 on 26/02/13 you (Charles Marcus) wrote:
>>>> Now the only other question is, again already being contemplated by Timo
>>>> apparently, why the config file uses SSL...
>>> Why not?
>> Because, as has been pointed out, TLS is the 'new', and SSL is the 'old'?
> and you still do not understand that it is the same
I meant the new NAME. But obviously you're more interested in picking
fights than having a conversation.
>>>> Timo, what I would suggest is allow the use of ssl in the config file
>>>> for backwards compat, but change future versions to use TLS...
>>> I would be against that idea.
>> My turn... why?
> because it is a useless change which makes
> code complexer and more error proof
Assuming you meant error-PRONE, that is ridiculous.
Postfix does things like this all the time (implementing something new
but maintaining the old way for backwards compat). If it is done right,
it won't hurt a thing (and I think we all know timo knows how to do
things right).
>>>> And I always choose (chose - from now on I'll choose TLS) 'SSL Always',
>>>> so shouldn't these connections show 'SSL' instead of TLS, since I'm
>>>> basically forcing my phone to SSL?
>>> I suspect the difference is that the 'SSL' options use imap-over-SSL on
>>> port 993 while the 'TLS' options use STARTTLS over port 143.
>> Don't know how you or Reindl came to that conclusion, because the ports are specified separately.
> because if you would spend 10 seconds of
> your time with a default tunderbird setup
> you would see that STARTTLS is 143 and
> TLS/SSL is 993 because the port switchs
> with the dropdown change
Yes, but again, they are independent, and you can change the port if you
like.
Question: can you use arbitrary ports for secure IMAP/POP/SMTP? I don't
see why not. You can use arbitrary ports for secure http...
--
Best regards,
*/Charles/*
More information about the dovecot
mailing list