[prev in list] [next in list] [prev in thread] [next in thread]
List: kolab-devel
Subject: Re: [Kolab-devel] reason for unencrypted services being enabled per
From: Martin Konold <martin.konold () erfrakon ! de>
Date: 2010-08-27 8:54:04
Message-ID: 4C777D2C.7090700 () erfrakon ! de
[Download RAW message or body]
Am 26.08.2010 18:01, schrieb Gunnar Wrobel:
> Hi,
>
> Zitat von Silvan Marco Fin <silvan@kernelconcepts.de>:
>
>
>> Hi!
>>
>> Is there a particular reason, why the kolab services (imap, smtp,
>> http, ldap) are configured to accept unencrypted connections per
>> default?
>>
> I assume there were some good reasons in the past to choose the
> defaults as we have them now. And one might have been "Outlook".
Outlook is not the culprit here.
SMTP: Connections from outside are typically unencrypted and
unauthenticated. Authenticated connections shall be encrypted.
HTTP: We automatically redirect to HTTPS.
For all other protocolls the reason for allowing unencrypted
communication is that encryption only makes sense with an appropriate
certificate management. The later is not part of the kolab distribution
sofar and is typically not fully implemented in standard installations.
We therefore decided to enable and encourage the use of SSL while not
enforce its usage in every case in the default setup. Changing this is
only some mouse clicks away on the settings page in the admin interface.
Yours,
-- martin
_______________________________________________
Kolab-devel mailing list
Kolab-devel@kolab.org
https://kolab.org/mailman/listinfo/kolab-devel
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic