Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Documentation often refers to the implcit-TLS protocol as SSL, and the STARTTLS protocol as TLS, with the implication that the latter is better.

It's even easier to fall for these shenanigans if you know just a little bit about security and heard that TLS supersedes SSL.



This makes sense, because perhaps the world's most important email client that still costs money to buy (Outlook) used the terms SSL and TLS like that for about a decade. These days the toggle says "SSL/TLS" versus "STARTTLS", I believe, or they may have even dropped the toggle completely to just auto-detect the protocol based on the port number.

Using correct terminology would've led to tons of unnecessary helpdesk calls because Microsoft messed up its naming scheme.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: