Re: Security issues (ssl/tls) was: Anyone else seeing slow gmail



Hi Jack:

Am 21.07.16 23:58 schrieb(en) Jack:
Is there any (reasonably easy) way to determine which version is actually being used?  I've tried balsa -d with debug checked in 
the config page, but don't see anything useful.  In the popfile log, I see "pop3: 529: Attempting to connect to SSL server 
at pop.gmail.com:995" but a few lines later I see "auth plaintext".  I suppose next I'll start digging into the 
ssl config itself to see what logging it does.  I really don't want to have to resort to setting up wireshark, but I suppose it's 
an option to be certain.

Wireshark is actually the most easy way:
- choose the proper interface
- set "tcp.port == 995 && ssl.handshake" as filter

In the dump, the "Protocol" column will show the protocol version being used (TLSv1 or TLSv1.1 or TLSv1.2 - 
only the latter should be used).  You may want to look into the packet details to see the negotiated cipher, etc.  Note 
that even if Balsa offers (in the client hello negotiation phase) TLSv1.2, the server may force the connection to use 
TLSv1.

The "auth plaintext" operation is absolutely safe if it is performed over an encrypted connection.

Hth,
Albrecht.

Attachment: pgpUGmWPwNht9.pgp
Description: PGP signature



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]