On 2009-02-15, Brandon Sandrowicz <bsand...@gmail.com> wrote:

> Gmail uses TLS over SMTP (TLS is just a way to start an SSL
> connection over a normal connection, as opposed to using a
> completely separate port for SSL-only connections).

No, that's not what TLS is. TLS is the encryption standard that superseded the Netscape proprietary SSL protocol when the parties involved in the standards effort couldn't agree on what to call it. Netscape wanted to use the name of their proprietary protocol (e.g. "SSL version 3.x"), Microsoft wanted to use the name of their proprietary protocol (I forget what it was called). So the standards committee made up a new name: "Transport Layer Security" or "TLS".

The schemes where the server/client first connect in the clear and negotiate whether or not to start an encryption session aren't part of the SSL or TLS specs. It's an extension of the IMAP or POP3 or SMTP (or whatever) application protocol. What you're talking about is the "starttls" extension to IMAP, SMTP, and POP3.

http://www.sendmail.org/~ca/email/starttls.html
http://sial.org/howto/openssl/tls-name/

--
Grant
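
The cleartext negotiation described in the reply above, as an added example that is not part of the original thread: a Python sketch of how an SMTP client reads the EHLO extension list and decides whether to issue STARTTLS. The function names, host names and EHLO replies are constructed for illustration.

```python
# Added example: SMTP STARTTLS is negotiated inside the SMTP dialogue itself,
# before any TLS record is exchanged. All replies below are constructed samples.

PLAIN_EHLO = (
    "250-mx.example.test Hello client.example.test\r\n"
    "250-SIZE 35882577\r\n"
    "250-STARTTLS\r\n"
    "250 8BITMIME\r\n"
)
# Same (hypothetical) server after the TLS handshake: STARTTLS is no longer listed.
TLS_EHLO = (
    "250-mx.example.test Hello client.example.test\r\n"
    "250-AUTH PLAIN LOGIN\r\n"
    "250 8BITMIME\r\n"
)
# A reply in which no STARTTLS line reaches the client.
NO_TLS_EHLO = "250-mx.example.test Hello\r\n250 8BITMIME\r\n"


def parse_ehlo(reply):
    """Return {KEYWORD: [params]} from a multi-line 250 EHLO reply."""
    lines = [ln for ln in reply.split("\r\n") if ln]
    extensions = {}
    for i, line in enumerate(lines):
        code, sep, text = line[:3], line[3:4], line[4:]
        if code != "250" or sep not in ("-", " "):
            raise ValueError("not a 250 reply line: %r" % line)
        # "250-" marks a continuation line, "250 " marks the final line.
        if (sep == " ") != (i == len(lines) - 1):
            raise ValueError("malformed multi-line reply")
        if i == 0:
            continue  # first line is the greeting, not an extension
        words = text.split()
        if words:
            extensions[words[0].upper()] = words[1:]
    return extensions


def next_command(reply, tls_active, require_tls=True):
    """Decide what the client sends after seeing an EHLO reply."""
    ext = parse_ehlo(reply)
    if tls_active:
        return "AUTH" if "AUTH" in ext else "MAIL"
    if "STARTTLS" in ext:
        return "STARTTLS"  # followed by the TLS handshake and a fresh EHLO
    if require_tls:
        raise RuntimeError("STARTTLS not offered; refusing cleartext session")
    return "MAIL"
```

With `require_tls=True` the client stops instead of silently continuing in cleartext when the extension is absent from the reply.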