g***@rr.com
2022-10-06 11:08:13 UTC
The following was posted in the Comcast news group.
Will this affect using Eudora if you have the latest HERMES patches
installed for sending and receiving Comcast emails?
probably to ensure there is decent response from the test service
rather
than having all their users flood it at the same time while testing an
unusually high count of e-mail clients. Plus, a Comcast account can
have more than one e-mail account: owner account plus up to 5 member
accounts (or maybe it's 5 total for owner+member). If their test
server
gets flooded, users would get frustrated in not receiving the response
e-mail for a long time instead of nearly immediately.
SSL was found vulnerable, so it got dropped. SSL 3.0 was the last
version. TLS 1.0 is exactly the same as SSL 3.0, except the
handshaking
was changed for TLS 1.0, so SSL 3.0 and TLS 1.0 were made
incompatible,
but security was not improved, so TLS 1.0 is just as vulnerable as SSL
3.0. TLS 1.1 came next, and found vulnerable. So, many sites or
services now require TLS 1.2 at a minimum although TLS 1.3 is now
available.
https://en.wikipedia.org/wiki/Transport_Layer_Security#SSL_1.0,_2.0,_and_3.0
https://www.venafi.com/blog/why-its-dangerous-use-outdated-tls-security-protocols
Will this affect using Eudora if you have the latest HERMES patches
installed for sending and receiving Comcast emails?
In the email sent out by Comcast, announcing that some devices/email
clients may be using software that uses TLS 1.1 or lower, will no longer
be supported by Comcast mail.
In that letter, Comcast gives an xfinity email address to which one can
send a test email to see if your email software passes their
requirements. I did, and I pass.
But why does the letter say that one can test up to five times a day?
"We noticed you're accessing your Comcast.net email through an older
email application or device, such as an older smartphone. Unfortunately,
some older devices, operating systems, and email applications don't
support current security protocols and therefore put your data at risk."
"We'll contact you again before these changes are made. You can check if
your email applications are up to date by sending a test email to
A user can employ multiple e-mail clients, not just one. The limit isclients may be using software that uses TLS 1.1 or lower, will no longer
be supported by Comcast mail.
In that letter, Comcast gives an xfinity email address to which one can
send a test email to see if your email software passes their
requirements. I did, and I pass.
But why does the letter say that one can test up to five times a day?
"We noticed you're accessing your Comcast.net email through an older
email application or device, such as an older smartphone. Unfortunately,
some older devices, operating systems, and email applications don't
support current security protocols and therefore put your data at risk."
"We'll contact you again before these changes are made. You can check if
your email applications are up to date by sending a test email to
probably to ensure there is decent response from the test service
rather
than having all their users flood it at the same time while testing an
unusually high count of e-mail clients. Plus, a Comcast account can
have more than one e-mail account: owner account plus up to 5 member
accounts (or maybe it's 5 total for owner+member). If their test
server
gets flooded, users would get frustrated in not receiving the response
e-mail for a long time instead of nearly immediately.
SSL was found vulnerable, so it got dropped. SSL 3.0 was the last
version. TLS 1.0 is exactly the same as SSL 3.0, except the
handshaking
was changed for TLS 1.0, so SSL 3.0 and TLS 1.0 were made
incompatible,
but security was not improved, so TLS 1.0 is just as vulnerable as SSL
3.0. TLS 1.1 came next, and found vulnerable. So, many sites or
services now require TLS 1.2 at a minimum although TLS 1.3 is now
available.
https://en.wikipedia.org/wiki/Transport_Layer_Security#SSL_1.0,_2.0,_and_3.0
https://www.venafi.com/blog/why-its-dangerous-use-outdated-tls-security-protocols