tls vs ssl
in [Postfix]
|
From: "Daniel L. Miller" on 2 Mar 2010 02:18 OK - I'm an idiot. I'll just admit that up front and get it out of the way. Now that that's settled, what is the difference between "SSL" and "TLS" in a MUA - particularly Thunderbird - in a Postfix context? I would have sworn I used to use Thunderbird with "SSL" specified and connected to my Postfix servers fine. Now, I can only connect in "TLS" mode. What did I break? -- Daniel
From: Stan Hoeppner on 2 Mar 2010 02:51 Daniel L. Miller put forth on 3/2/2010 1:18 AM: > OK - I'm an idiot. I'll just admit that up front and get it out of the > way. > > Now that that's settled, what is the difference between "SSL" and "TLS" > in a MUA - particularly Thunderbird - in a Postfix context? > > I would have sworn I used to use Thunderbird with "SSL" specified and > connected to my Postfix servers fine. Now, I can only connect in "TLS" > mode. What did I break? It's unlikely you'd forget setting up SSL. You would have likely created a self signed server certificate and would have installed it on all clients connecting to the server, just as must be done with web browsers connecting to a secure site for the first time. You've likely been using STARTTLS only, which doesn't require a key exchange as SSL/TLS does. STARTTLS != TLS. -- Stan
From: Bill Landry on 2 Mar 2010 03:01 On 3/1/2010 11:51 PM, Stan Hoeppner wrote: > Daniel L. Miller put forth on 3/2/2010 1:18 AM: >> OK - I'm an idiot. I'll just admit that up front and get it out of the >> way. >> >> Now that that's settled, what is the difference between "SSL" and "TLS" >> in a MUA - particularly Thunderbird - in a Postfix context? >> >> I would have sworn I used to use Thunderbird with "SSL" specified and >> connected to my Postfix servers fine. Now, I can only connect in "TLS" >> mode. What did I break? > > It's unlikely you'd forget setting up SSL. You would have likely created a > self signed server certificate and would have installed it on all clients > connecting to the server, just as must be done with web browsers connecting > to a secure site for the first time. > > You've likely been using STARTTLS only, which doesn't require a key exchange > as SSL/TLS does. STARTTLS != TLS. Huh, what? STARTTLS == Start TLS http://en.wikipedia.org/wiki/STARTTLS Bill
From: Stan Hoeppner on 2 Mar 2010 03:16 Bill Landry put forth on 3/2/2010 2:01 AM: > On 3/1/2010 11:51 PM, Stan Hoeppner wrote: >> Daniel L. Miller put forth on 3/2/2010 1:18 AM: >>> OK - I'm an idiot. I'll just admit that up front and get it out of the >>> way. >>> >>> Now that that's settled, what is the difference between "SSL" and "TLS" >>> in a MUA - particularly Thunderbird - in a Postfix context? >>> >>> I would have sworn I used to use Thunderbird with "SSL" specified and >>> connected to my Postfix servers fine. Now, I can only connect in "TLS" >>> mode. What did I break? >> >> It's unlikely you'd forget setting up SSL. You would have likely >> created a >> self signed server certificate and would have installed it on all clients >> connecting to the server, just as must be done with web browsers >> connecting >> to a secure site for the first time. >> >> You've likely been using STARTTLS only, which doesn't require a key >> exchange >> as SSL/TLS does. STARTTLS != TLS. > > Huh, what? STARTTLS == Start TLS > > http://en.wikipedia.org/wiki/STARTTLS He's talking about Thunderbird Bill. In that context, IIRC, one can check the STARTTLS option box, and if the outgoing SMTP server doesn't support STARTTLS, Thunderbird fails gracefully without error and falls back to plain text mode. If, on the other hand, one checks SSL/TLS, you don't get the graceful failure, but a hard error. This is the context of my STARTTLS != TLS comment. It's been a very long time since I messed with this, probably pre 2.0, so my memory could be a little foggy. I would hope the Mozilla team would have changed this behavior in recent revs of T-Bird. -- Stan
From: Timo Sirainen on 2 Mar 2010 03:25 On 2.3.2010, at 9.18, Daniel L. Miller wrote: > OK - I'm an idiot. I'll just admit that up front and get it out of the way. > > Now that that's settled, what is the difference between "SSL" and "TLS" > in a MUA - particularly Thunderbird - in a Postfix context? http://wiki.dovecot.org/SSL tries to explain their difference. > I would have sworn I used to use Thunderbird with "SSL" specified and > connected to my Postfix servers fine. Now, I can only connect in "TLS" > mode. What did I break? You no longer have smtps port enabled?
|
Next
|
Last
Pages: 1 2 3 Prev: Maildir ownership/permission flags Next: Bad Header: Non-encoded 8-bit data |