https://bugs.kde.org/show_bug.cgi?id=404211
Jan Kundrát <j...@kde.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|UPSTREAM |NOT A BUG --- Comment #12 from Jan Kundrát <j...@kde.org> --- (In reply to Filipe Azevedo from comment #9) > The Trojita GUI does not specify SSL at all, it has: > > - Use encryption (STARTTLS) > - Force encryption (TLS) I can see that these names can be confusing, but I do not know how to better explain what's going on. The choice is, essentially, whether to use encryption from very beginning, or whether to establish a plaintext connection first and then upgrade it to encryption via the STARTTLS command. These two options use different server port numbers, and it is important to get both port number *and* encryption type correct. Trojita warns the user right in the settings dialog when the port number is unusual. The standard says that the default submission settings are STARTTLS and port 587. If you ask Trojita to use "TLS" on port 587, then Trojita attempts to initiate a TLS connection against a cleartext endpoint which won't work. In the past, a lot of software called the "hey, let's encrypt from the begining" option "SSL", and the other option, "start in cleartext and introduce encryption as soon as possible", was called "STARTTLS". Then encryption standard knows as "SSL v2" got disabled due to its unfixable security vulnerabilities, SSL v3 git deprecated in 2015, and everybody has been using something which is technically TLS for the past four years. -- You are receiving this mail because: You are watching all bug changes.