ftp ssl

[Honza Petrous]

On Út, 2002-06-11 at 10:42, Peter Mann wrote:
> On Tue, Jun 11, 2002 at 10:38:01AM +0200, Dan Ohnesorg wrote:
> > Kdyz uz jsme v tom co ma kdo zafixovano, tak ja mam za to, ze TLS je SSL 
> > spoustene v ramci extenze puvodniho protokolu. Takze treba ssl imap se 
> > spojuje na vlastnim portu, kdezto TLS imap na puvodnim s tim, ze po 
> > otvereni spojeni a zjisteni capatibilities server pouzije prikaz STARTTLS.
> 
> tiez sa k tomu pripajam - podobne smtp vs. ssmtp
> 

Nemate pravdu! Donutili jste me znova precist RFC 2246
(mate stesti, ze se nezname, jinak bych zas ja vas oba
donutil mi zplatit "par" piv :) a tam je v sekci 3 uvedeno:

| This document and the TLS protocol itself are based on the SSL 3.0
| Protocol Specification as published by Netscape. The differences
| between this protocol and SSL 3.0 are not dramatic, but they are
| significant enough that TLS 1.0 and SSL 3.0 do not interoperate
| (although TLS 1.0 does incorporate a mechanism by which a TLS
| implementation can back down to SSL 3.0). This document is intended
| primarily for readers who will be implementing the protocol and those
| doing cryptographic analysis of it. The specification has been written
| with this in mind, and it is intended to reflect the needs of those
| two groups. For that reason, many of the algorithm-dependent data
| structures and rules are included in the body of the text (as opposed
| to in an appendix), providing easier access to them.

Rozdil mezi TLS a START-TLS spojenim je v tom, ze prvni vyzaduje TLS
kdezto druhe je pouze "capable".

/Honza