Re: IMAPS problems...

On Wed, 22 August 15:36 Carlos Morgado wrote:
> On 2001.08.22 15:06:53 +0100 Brian Stafford wrote:
> > 
> > Right, I missed that bit.  Anyhow an OpenSSL based SSL tunnel will do TLS
> > too!
> > No matter what, if TLS is available then use it.
> > 
> TLS inside SSL = overhead

If a tunnel is in use, the server doesn't know that encryption is already
on the channel.  If the server is doing the TLS/SSL session natively then
it can't apply encryption twice anyway.

What I was getting at though is that given the choice between SSL and TLS
*always* use TLS and never use SSL.

> > But that puzzles me though.  If the server can do TLS/SSL directly, why
> > tunnel?
> > 
> ops, my fault, not tunnel in the sense of ssh, tunnel in the sense of SSL
> connection

OK.  In this case I don't see how its possible to encrypt twice with any of
the TLS toolkits I'm aware of.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]