[Dovecot] Protocol logging - TLS vs SSL

Noel noeldude at gmail.com
Wed Feb 27 00:10:05 EET 2013


On 2/26/2013 3:38 PM, Charles Marcus wrote:
> The native Android mail shows these choices:
>
> None
> SSL
> SSL (Accept all certificates)
> TLS
> TLS (Accept all certificates)


This is just a dumbing-down of the terms for the mass market.  Many
end-user mail clients use these same terms, so at least they have a
little consistency.

In this case:
SSL means wrapper mode TLS (not really SSL unless that's all the
server supports)
TLS means STARTTLS (can fall back to SSL if that's all the server
supports)

As you know, there are common ports for wrapper mode and STARTTLS,
and they aren't compatible.  The SSL/TLS designation, while not
technically correct, is a convenient way to tell users which to pick
without a long on-screen description.


Anyone who's confused by this is trying too hard.  It's really all TLS.


  -- Noel Jones


More information about the dovecot mailing list