Am 26.02.2013 22:38, schrieb Charles Marcus: > On 2013-02-26 3:55 PM, Reindl Harald <h.rei...@thelounge.net> wrote: >> TLS is practically the next SSL version after SSL 3.0 and internally SSL >> 3.x, in fact it is only a wording issue > > Prove it.
dmaned i have proven it at least a hour ago read the first line of the follwoing link http://en.wikipedia.org/wiki/Transport_Layer_Security#TLS_1.0 TLS 1.0 was first defined in RFC 2246 in January 1999 as an upgrade of SSL Version 3.0. As stated in the RFC, "the differences between this protocol and SSL 3.0 are not dramatic, but they are significant to preclude interoperability between TLS 1.0 and SSL 3.0. " TLS 1.0 does include a means by which a TLS implementation can downgrade the connection to SSL 3.0, thus weakening security. >> pfffffff >> >> SSL if available: use port 993 if available, but you may use 143 unecnrypted >> SSL Always: use always port 993 >> TLS if available: use STARTLS on 143 if available, but if not use no >> encryption >> TLS Always: use always STARTTLS on 143 > > pffffffffff yourself - in fact, I just visually confirmed... > The native Android mail shows these choices it does not interest rme what you have VISUALLY confirmed there are only two choices: * the client does show you bullshit because it is not his job to explain you the differences and it knows better than you that on 143 he has to use STARTTLS which he can not do on 993 * the client fails with STARTTLS on 993 or TLS/SSL on 143, the same for smpts/pop3s i guess he does the first of the two choices ______________________________ in fact 993 is SSL/TLS and NOT STARTTLS in fact 143 is unencrypted or STARTTLS try it out, configure postfix 587/465 the wrong way around and look what happens, or configure postfix to realy to a server via SSL on port 465 with doe snot support STARTLS and look what happens Google: "difference ssl starttls" http://luxsci.com/blog/ssl-versus-tls-whats-the-difference.html here have you a real good explaination WHAT STARTTLS is and yes, in this context there is no difference between pop3/imap3/smtp http://www.postfix.org/CVE-2011-0411.html
signature.asc
Description: OpenPGP digital signature