• Type: Improvement Improvement
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 1.3
    • Labels:


      The API offers two categories of settings for the configuration of SSL/TLS: setSSL and setTLS (and respective associated methods).

      The names are quite misleading, as this doesn't really oppose SSL and TLS. A number of e-mail applications make this mistake, but "TLS" is used here to mean "using STARTTLS" and "SSL" is used here to mean "SSL or TLS, upon connection".

      The difference is that:

      • With "SSL" (as incorrectly named here), the SMTP client connects to the SMTP server on a dedicated port and starts the SSL/TLS handshake upon connection. This is then followed by "normal" SMTP traffic on this SSL/TLS layer.
      • With "TLS" (as incorrectly named here), the SMTP client connects to the SMTP server on the same port as it would do for plain-text SMTP, exchanges a few SMTP commands, including STARTTLS (RFC 3207), and then starts an SSL/TLS handshake to upgrade to a secure channel.

      This is not so much a difference between SSL and TLS, but rather a difference regarding when the connection is turned into a secure one.
      The difference between SSLv3 and TLS 1.0 is mostly a version difference, where SSLv3 is the predecessor of TLS 1.0.
      You can have an TLS 1.0+ upon connection, using the "SSL" setting, without using STARTTLS (it's a version configuration up to the SSLEngine or SSLSocketFactory).
      Similarly, although it's not written in the specification, some servers seem to accept an SSLv3 handshake (instead of its successor version: TLS 1.0) after STARTTLS.

      I'd suggest deprecating setSSL and setTLS and replacing them with setOnConnectSSL and setStartTLS (or similar), respectively.

      1. ssl-starttls.patch
        8 kB
        Bruno Harbulot


        Bruno Harbulot created issue -
        Bruno Harbulot made changes -
        Field Original Value New Value
        Attachment ssl-starttls.patch [ 12486775 ]
        Siegfried Goeschl made changes -
        Assignee Siegfried Goeschl [ sgoeschl ]
        Siegfried Goeschl made changes -
        Status Open [ 1 ] In Progress [ 3 ]
        Siegfried Goeschl made changes -
        Status In Progress [ 3 ] Open [ 1 ]
        Siegfried Goeschl made changes -
        Status Open [ 1 ] Resolved [ 5 ]
        Fix Version/s 1.3 [ 12315052 ]
        Resolution Fixed [ 1 ]
        Thomas Neidhart made changes -
        Status Resolved [ 5 ] Closed [ 6 ]


          • Assignee:
            Siegfried Goeschl
            Bruno Harbulot
          • Votes:
            0 Vote for this issue
            1 Start watching this issue


            • Created: