StartTLS vs SSL/TLS
When setting up your email accounts in your mail program (in my case Thunderbird) you may be given the option of choosing between SSL/TLS and STARTLS.
What is the difference between SSL/TLS and STARTTLS?
Not that much actually. In SSL/TLS the client initiates a connection to the server and starts the SSL handshake. In other words, this is an implicit SSL / TLS connection with the TLS / SSL handshake and encryption happening before the protocol level flow of communication.
In STARTTTL a regular unencrypted connection is established with the server and if possible this connection is subsequently upgraded to a TLS / SSL connection. So in both cases you get encrypted mail comms and there really is not a huge amount of difference from a practical point of view for the end user.
Should I use SSL/TLS or STARTTLS?
As mentioned above it doesn’t really matter a great deal but if you have the choice as you do on WebCP.io web hosting servers then choose SSL/TLS implicitly.
jsmcm
Comments