"STARTTLS" redirects here. For the certificate authority, see StartCom § StartSSL.
Opportunistic TLS (Transport Layer Security) refers to extensions in plain text communication protocols, which offer a way to upgrade a plain text connection to an encrypted (TLS or SSL) connection instead of using a separate port for encrypted communication. Several protocols use a command named "STARTTLS" for this purpose. It is a form of opportunistic encryption and is primarily intended as a countermeasure to passive monitoring.
The STARTTLS command for IMAP and POP3 is defined in RFC 2595, for SMTP in RFC 3207, for XMPP in RFC 6120 and for NNTP in RFC 4642. For IRC, the IRCv3 Working Group defined a STARTTLS extension, though it was later deprecated.[1] FTP uses the command "AUTH TLS" defined in RFC 4217 and LDAP defines a protocol extension OID in RFC 2830. HTTP uses an upgrade header.
^"tls Extension". IRCv3 Working Group. 2012. Retrieved 6 April 2024.
OpportunisticTLS (Transport Layer Security) refers to extensions in plain text communication protocols, which offer a way to upgrade a plain text connection...
upgrading to a TLS encrypted session is dependent on the connecting client deciding to exercise this option, hence the term opportunisticTLS. STARTTLS is...
Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network. The protocol is widely...
between mail servers, this is not typically enforced, but instead OpportunisticTLS is used - where mail servers negotiate for each email connection whether...
Transport Layer Security (TLS) or, formerly, Secure Sockets Layer (SSL). The protocol is therefore also referred to as HTTP over TLS, or HTTP over SSL. The...
DTLS protocol is based on the stream-oriented Transport Layer Security (TLS) protocol and is intended to provide similar security guarantees. The DTLS...
However, in Transport Layer Security (TLS) a certificate's subject is typically a computer or other device, though TLS certificates may identify organizations...
AnyConnect VPN and in OpenConnect VPN to solve the issues TLS has with tunneling over TCP (SSL/TLS are TCP-based, and tunneling TCP over TCP can lead to big...
an SSL/TLS channel. SSL/TLS provides transport-level security with key negotiation, encryption and traffic integrity checking. The use of SSL/TLS over TCP...
servers over Transport Layer Security (TLS) using an Application-Layer Protocol Negotiation (ALPN) extension where TLS 1.2 or newer is required. HTTP/3, the...
and encrypting traffic. Opportunistic encryption tcpcrypt (a newer proposal with similar goals) Transport Layer Security (TLS, also known as SSL) IPsec...
of a lower version of TLS between the client and server. This is one of the most common types of downgrade attacks. Opportunistic encryption protocols...
as well as the TLS protocol, and contains many security and control features. It uses a custom security protocol that utilizes SSL/TLS for key exchange...
widespread use operate above the network layer, such as Transport Layer Security (TLS) that operates above the transport layer and Secure Shell (SSH) that operates...
them via a common user interface: Initial connection to the VPN server via TLS Authentication phase via HTTPS (using HTML forms, client certificates, XML...
to TCP transport. DNS over TLS emerged as an IETF standard for encrypted DNS in 2016, utilizing Transport Layer Security (TLS) to protect the entire connection...
in that case. As a result, most email that is delivered over TLS uses only opportunistic encryption. DANE is a proposed standard that makes an incremental...
transport layer communication encryption protocol. Unlike prior protocols like TLS (SSL), tcpcrypt is implemented as a TCP extension. It was designed by a team...