[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Filezilla a security risk

On Sun, 08 Jul 2012 08:55:15 +0200, Slavko wrote:

> Dňa Sun, 8 Jul 2012 00:04:33 -0400 Celejar <celejar@gmail.com> napísal:
> 
>> > I use POP3, smtp *and* SSL.  They are not mutually exclusive!!
>> 
>> Of course not - SSL just encapsulates the POP3 and SMTP protocols.
> 
> on this point i have one question. What about standards in SMTP & SSL?
> By mi search, the standard is SMTP + STARTTLS and not SSL + SMTP.
> 
> Can someone explain me this, please?

There are different implementations, all of them standarized:

While imaps (tcp/993), pop3s (tcp/995) and smtps (tcp/587) make use of 
specific computer ports, imap, pop3 and smtp using "STARTTLS" keep the 
same ports that their non-encrypted counterparts (143/110/25) to transmit 
clear text credentials protected.

When/why using one or another? 

Well, when opening ports is not possible (consider a restricted 
environment) or as Wikipedia¹ explains, independency and transparency 
seen as a plus when using this extension.

¹http://en.wikipedia.org/wiki/STARTTLS
  
Greetings,

-- 
Camaleón
Reply to: