[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Secure pop?

On Fri, 10 Sep 1999, chuck wrote:

> You might want more RAM in the end, but for SSL you want a Certifying
> Authority (or buy certs for every use :(.) which should be a securish
> machine.  I've seen places just wrap Cyrus IMAP or UW IMAP with SSL,
> pretty striaght forward.  Issues are getting the CERTs to each of your
> users - which just takes some time.

Having client certificates is not prerequisite for setting up
encrypted SSL channels. I have no idea, how those SSL capable
imap servers authenticate users though ... OTOH, setting up CA
with ssleay/openssl is quite easy, as far as you issue only
"dummy" certs for doing POP/IMAP over SSL. Have to keep in mind,
that CA's security and certification policies generally cannot be
changed later.