Re: Misleading sense of security in Netscape

[smb () RESEARCH ATT COM (Steven M. Bellovin)]

In message <387E245C.F279E367 () digsigtrust com>, Craig Ruefenacht writes:

> It is well known throughout the Internet that the two most common
> protocols for reading email, POP3 (port 110) and IMAP (port 143), are
> sent in the clear over the network.

It's worth noting that many POP3 servers and clients support APOP
authentication, which eliminates the problem of the plaintext password going
over the wire.  As best I can tell, Netscape's mail client doesn't give you
that choice.

                --Steve Bellovin