From: CHENG Gao
Newsgroups: gmane.emacs.gnus.general
Subject: Re: STARTTLS support
Date: Sun, 26 Sep 2010 12:20:08 +0800
Organization: cyberhut.org
To: ding@gnus.org
User-Agent: Gnus/5.110011 (No Gnus v0.11) Emacs/24.0.50 (darwin)

*On Sat, 25 Sep 2010 21:24:01 +0200
* Thus spoke Lars Magne Ingebrigtsen:

> CHENG Gao writes:
>
>> Please forgive me for asking one stupid question: what's the benefit of
>> STARTTLS over TLS (if server supports STARTTLS over IMAP)?
>
> Isn't STARTTLS just a hack to provide encryption without having to open
> more ports in the firewall, sort of? STARTTLS is just that you contact
> a server the normal way, then say "STARTTLS", and then you start
> negotiating the encryption and stuff.
>
> TLS is just contacting a socket and then doing the encryption
> negotiation immediately, without saying "STARTTLS" in clear text first.

Thanks for your explanation.

I am wondering if starttls.el and tls.el could be merged. To my
understanding, they are to some extent the same thing (anyway starttls is
tls).

According to the manual, starttls is the recommended way (if the server
supports it), and gnutls is the recommended tool. So IMHO starttls.el
could be merged into tls.el, and change starttls-program default to
gnutls instead of homebrewed starttls. Or even remove support of
starttls (last version is in 2005)?
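
The two connection styles discussed in this message, as an added example that is not part of the original post and is not Gnus code: it builds a real TLS ClientHello in memory and shows which bytes cross the wire in clear text before it in each mode. The host name, IMAP tags, server replies and capability list are constructed, and refusing to continue when STARTTLS is not advertised is a choice made for this example.

```python
import ssl

def client_hello(host="imap.example.org"):
    """Return the first TLS record a client emits, built in memory (no network)."""
    ctx = ssl.create_default_context()
    incoming, outgoing = ssl.MemoryBIO(), ssl.MemoryBIO()
    tls = ctx.wrap_bio(incoming, outgoing, server_hostname=host)
    try:
        tls.do_handshake()
    except ssl.SSLWantReadError:
        pass  # expected: the client is now waiting for the server's reply
    return outgoing.read()

def implicit_tls_wire():
    """'TLS' in the thread: connect, then negotiate encryption immediately."""
    return [("C", client_hello())]

def starttls_wire(capabilities):
    """'STARTTLS' in the thread: speak IMAP in the clear first, then upgrade.

    `capabilities` is the constructed CAPABILITY list of a pretend server.
    """
    wire = [
        ("S", b"* OK IMAP4rev1 server ready\r\n"),
        ("C", b"a1 CAPABILITY\r\n"),
        ("S", b"* CAPABILITY " + b" ".join(capabilities) + b"\r\n"),
        ("S", b"a1 OK CAPABILITY completed\r\n"),
    ]
    if b"STARTTLS" not in capabilities:
        # Assumption of this example: fail closed instead of logging in unencrypted.
        raise RuntimeError("server does not offer STARTTLS")
    wire += [
        ("C", b"a2 STARTTLS\r\n"),
        ("S", b"a2 OK Begin TLS negotiation now\r\n"),
        ("C", client_hello()),
    ]
    return wire

def cleartext_prefix(wire):
    """Concatenate everything sent before the first TLS handshake record (type 0x16)."""
    seen = b""
    for _, data in wire:
        if data[:1] == b"\x16":
            break
        seen += data
    return seen

if __name__ == "__main__":
    print(cleartext_prefix(implicit_tls_wire()))
    print(cleartext_prefix(starttls_wire([b"IMAP4rev1", b"STARTTLS"])).decode())
```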