Skip to main content


Home STARTTLS

STARTTLS

(also STARTTLS command)

STARTTLS definition

STARTTLS is a protocol command used in communication protocols to initiate a transition to a secure channel from an insecure one. For example, often employed in email communication, this command signals the need to upgrade to a Transport Layer Security (TLS) encrypted connection, which provides secure data exchange by encrypting all data sent over the connection.

See also: SSL encryption, VPN gateway

STARTTLS examples

  • Email communication: SMTP servers use the STARTTLS command to initiate an encrypted channel for email transmission.
  • Internet relay chat: IRC servers use STARTTLS to upgrade to a secure connection.

Advantages and disadvantages of STARTTLS

Pros:

  • Encryption: STARTTLS enhances data security by initiating an encrypted connection, securing sensitive information from prying eyes.
  • Flexibility: It allows for an upgrade from an insecure connection to a secure one without the need for separate ports for secure and insecure connections.

Cons:

  • Downgrade attacks: STARTTLS can be susceptible to downgrade attacks, where the attacker intercepts the STARTTLS request and forces the connection to remain insecure.
  • Not compulsory: The decision to upgrade to a secure connection using STARTTLS is optional, which means some services may continue to send information over insecure connections.

Using STARTTLS

  • Ensure your email or chat server supports STARTTLS to take advantage of secure communication.
  • Combine the use of STARTTLS with a VPN for an additional layer of security.