[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Secure pop?
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: Secure pop?
- From: Toomas Kiisk <vix_(_at_)_cyber_(_dot_)_ee>
- Date: Sun, 12 Sep 1999 00:36:38 +0300 (EET DST)
On Fri, 10 Sep 1999, chuck wrote:
> You might want more RAM in the end, but for SSL you want a Certifying
> Authority (or buy certs for every use :(.) which should be a securish
> machine. I've seen places just wrap Cyrus IMAP or UW IMAP with SSL,
> pretty striaght forward. Issues are getting the CERTs to each of your
> users - which just takes some time.
Having client certificates is not prerequisite for setting up
encrypted SSL channels. I have no idea, how those SSL capable
imap servers authenticate users though ... OTOH, setting up CA
with ssleay/openssl is quite easy, as far as you issue only
"dummy" certs for doing POP/IMAP over SSL. Have to keep in mind,
that CA's security and certification policies generally cannot be