28 Oct
2011
28 Oct
'11
11:41 a.m.
On 28/10/11 22:33, Johnathon Tinsley wrote:
So encryption is doing it's job, blocking a third
party from
intercepting the data. I don't see that the fault is the tech involved here.
Sure in this case, but it also stopped him getting his mail, this is
hardly the desired or intended outcome. However if he uses ssmtp on port
465 I bet he'll get both an encrypted connection and a working connection.
Also I'm sure there would be badly designed software out there that
would silently fall back to clear text in this situation because having
a functional connection is more important than security.
As the computational overhead of encryption, and the
cost of the certs,
is really worth it for every 'my cat is awesome' blog...
This is why everything went SSH based, cause it's a rip off, but it's
certainly not the only way to do it, as for computational cost have you
browsed a bank website on a phone lately, the cost is getting close to
zero...