SSL versus TLS versus STARTTLS


This page outlines terminology problems with the Secure Sockets Layer (SSL) protocol, the Transport Layer Security (TLS) protocol, the term STARTTLS, and the Transmission Control Protocol (TCP) ports used for encrypted connections. Other information on OpenSSL is available on this site.

The book SSL and TLS: Designing and Building Secure Systems details the history of the protocol; for more information on TLS see [RFC 2246].

A Protocol Renamed

The encryption protocol SSL is now named TLS, resulting in two names for the same protocol. Current software will negotiate TLS version 1 or SSL version 3 automatically. Humans, on the other hand, have to decide between using the more recognizable SSL term versus the official TLS designation.

The new protocol versions have fixed security problems in the protocol itself: use of SSL version 1 should be eliminated, and SSL version 2 disabled if possible.

Hereafter in this documentation, the official TLS term is used, though bear in mind software may fall back to using SSL version 3 if needed, and that users are more likely to recognize SSL.

STARTTLS

The situation is complicated by the term STARTTLS and conflicting naming conventions used by vendors to describe STARTTLS versus different TCP ports used to establish encrypted connections.

STARTTLS occurs when an existing TCP connection negotiates an encrypted session over the previously unencrypted link. This contrasts with https, which negotiates an encrypted connection directly. A common use of STARTTLS is by e-mail clients to upgrade an existing Simple Mail Transfer Protocol (SMTP) connection to be encrypted.

The following example shows how an SMTP client negotiates an encrypted connection with STARTTLS. First, the Mail Exchange (MX) for the domain (example.org) must be looked up, then a connection made to the smtp port on the MX, smtp.example.org. Then the SMTP verbs EHLO and STARTTLS are used to begin negotiating an encrypted dialog.

$ host -t mx example.org
example.org mail is handled by 10 smtp.example.org.
$ telnet smtp.example.org 25
Trying 192.0.2.1...
Connected to smtp.example.org.
Escape character is '^]'.
220 smtp.example.org ESMTP Sendmail 8.13.2/8.13.2
EHLO client.example.org
250-smtp.example.org Hello client.example.org [192.0.2.7], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE 16180340
250-DSN
250-STARTTLS
250-DELIVERBY
250 HELP
STARTTLS
220 2.0.0 Ready to start TLS
...
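The EHLO reply above is a multi-line ESMTP reply: every line but the last carries "250-", the last carries "250 ", and the STARTTLS keyword on one of those lines is the only signal a client has that the upgrade is available. The following Python script is an added example, not code from the original page or from any of the mail clients it describes. It parses a reply of that shape, decides what the client should send next, and includes a live helper built on the standard library's smtplib (the host names are placeholders; the sample replies are constructed from the session shown above). The design choice worth noting is in decide_next_command: a client that requires TLS answers a missing STARTTLS with QUIT, whereas a client that merely prefers TLS would continue in cleartext.

```python
import re
import smtplib
import ssl

# Constructed sample EHLO reply, mirroring the telnet session above
# (every line but the last carries "250-"; the last carries "250 ").
SAMPLE_EHLO_REPLY = """\
250-smtp.example.org Hello client.example.org [192.0.2.7], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE 16180340
250-DSN
250-STARTTLS
250-DELIVERBY
250 HELP
"""

# Constructed reply from a server that does not offer STARTTLS at all.
SAMPLE_EHLO_REPLY_NO_TLS = """\
250-smtp.example.org Hello client.example.org [192.0.2.7], pleased to meet you
250-SIZE 16180340
250 HELP
"""

# Three-digit code, then "-" (continuation) or " " (final line), then text.
_REPLY_LINE = re.compile(r"^(\d{3})([ -])(.*)$")


def parse_ehlo_reply(reply):
    """Parse a multi-line ESMTP reply into (code, greeting, {EXTENSION: params}).

    Continuation lines use "250-", the final line "250 " (RFC 5321 section 4.2.1).
    Raises ValueError if the reply is malformed or is not a 250 success reply.
    """
    lines = reply.splitlines()
    if not lines:
        raise ValueError("empty reply")
    code = None
    greeting = None
    extensions = {}
    for index, line in enumerate(lines):
        match = _REPLY_LINE.match(line)
        if match is None:
            raise ValueError("malformed reply line: %r" % line)
        line_code, separator, text = match.groups()
        if code is None:
            code = line_code
        elif line_code != code:
            raise ValueError("reply code changed mid-reply: %r" % line)
        is_last = index == len(lines) - 1
        if (separator == " ") != is_last:
            raise ValueError("continuation marker does not match position: %r" % line)
        if index == 0:
            greeting = text  # first line is the server's domain plus free text
            continue
        keyword, _, params = text.partition(" ")
        extensions[keyword.upper()] = params
    if code != "250":
        raise ValueError("EHLO rejected with code %s" % code)
    return code, greeting, extensions


def starttls_offered(reply):
    """True when the EHLO reply advertises the STARTTLS extension."""
    _, _, extensions = parse_ehlo_reply(reply)
    return "STARTTLS" in extensions


def decide_next_command(reply, require_tls=True):
    """Return the SMTP verb the client should send after EHLO.

    A client that requires TLS must QUIT rather than continue in cleartext when
    STARTTLS is absent; a client that only prefers TLS proceeds to MAIL FROM.
    """
    if starttls_offered(reply):
        return "STARTTLS"
    if require_tls:
        return "QUIT"
    return "MAIL FROM"


def upgrade_with_starttls(host, port=25, timeout=10):
    """Live check (hypothetical helper, not exercised offline): EHLO, then
    STARTTLS with certificate and hostname verification; returns the
    negotiated protocol version string, e.g. "TLSv1.2"."""
    context = ssl.create_default_context()  # verifies chain and hostname
    with smtplib.SMTP(host, port, timeout=timeout) as client:
        client.ehlo()
        if not client.has_extn("starttls"):
            raise RuntimeError("%s:%d does not advertise STARTTLS" % (host, port))
        client.starttls(context=context)
        client.ehlo()  # re-issue EHLO: the extension list may change after the upgrade
        return client.sock.version()
```

Calling upgrade_with_starttls("smtp.example.org") would perform the same EHLO/STARTTLS exchange as the telnet session, but with the server certificate checked, which telnet and a bare openssl s_client invocation do not do.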

The OpenSSL library ships with the openssl utility, which has an s_client mode to test encrypted connections. More recent versions of the openssl utility support STARTTLS for protocols such as smtp and pop3. The openssl invocations below show how to connect via https to www.example.org and via pop3 with STARTTLS to mail.example.org. Once connected, the protocol in question can then be used.

$ openssl s_client -connect www.example.org:443 -showcerts
...
GET / HTTP/1.0

HTTP/1.1 200 OK
...
$ openssl s_client -connect mail.example.org:110 -showcerts -starttls pop3
...
+OK POP3 mail.example.org v2003.83 server ready
quit
+OK Sayonara

To check whether a connection is encrypted, use a network debugging tool like tcpflow or wireshark.

For more information on the port numbers used by smtp and others, see the /etc/services file on a Unix system, or the Internet Assigned Numbers Authority (IANA) port number assignments. The following are common ports used by e-mail, web, and directory services.

smtp         25/tcp   Simple Mail Transfer
http         80/tcp   World Wide Web HTTP
pop3        110/tcp   Post Office Protocol - Version 3
imap        143/tcp   Internet Message Access Protocol
ldap        389/tcp   Lightweight Directory Access Protocol
https       443/tcp   http protocol over TLS
smtps       465/tcp   # smtp protocol over TLS (was ssmtp)
submission  587/tcp   Submission for Simple Mail Transfer
ldaps       636/tcp   sldap   # ldap protocol over TLS
imaps       993/tcp   # imap4 protocol over TLS
pop3s       995/tcp   # pop3 protocol over TLS

Implementations

Various client applications have different names for the above protocol, STARTTLS, and ports involved to negotiate an encrypted connection. This section documents the terminology used in Eudora, Mail, and Mozilla.

Eudora

Eudora uses the term Alternate Port to designate direct TLS to a service such as smtps or imaps; otherwise, STARTTLS is used to upgrade an existing connection if SSL is enabled. The older protocol name of SSL is used throughout.

Mail

Apple's Mail application has checkboxes to enable TLS for incoming Internet Message Access Protocol (IMAP) or outgoing SMTP connections. STARTTLS or direct TLS is used automatically, depending on the target port.

Mozilla

For downloading e-mail via Post Office Protocol Version 3 (POP3) or IMAP, Mozilla appears to only support TLS via the pop3s or imaps ports. Mozilla as of version 1.7 offers several choices for the encryption of outgoing e-mail via SMTP.