I\'m writing up documentation and want to ensure that I\'m using proper terminol

Question

I'm writing up documentation and want to ensure that I'm using proper terminology.

1) What is the proper technical term for the SMTP tunnel encryption standard that typically starts on TCP/25, involves checking ESMTP capabilities for 250-STARTTLS and issuing the STARTTLS command (followed by negotiation, public cert exchange, etc)?

2) Likewise, what is the proper technical term for SMTP tunnel encryption that uses port TCP/465 and requires negotiation immediately

I've always just called #1 "TLS Encryption"/"TLS" and #2 "Secure SMTP"/"SMTPS" but I don't think that's accurate.

Explanation / Answer

The emailing application on my smartphone (the stock one from Android 2.2) designates the SMTP-within-SSL on port 465 as "SSL", and the STARTTLS command (within a port 25 connection) as "TLS". This is atrociously wrong and confusing, but so it is.

Personally I'd use "STARTTLS" or "SMTP+STARTTLS" (if the "SMTP" part is not obvious from context) to designate the use of port 25 and STARTTLS command; for the other case, "SMTPS", as @David suggests, is quite good, by analogy with HTTPS.

(The same debate exists for IMAP, with similar conclusions.)

Related Questions

Navigate

• Browse (All)
• Browse I
• Subjects