by danimo 4103 days ago
Note that rich does not claim anything else. However, there is a fundamental difference between "initiate TLS connection from byte 0" (as used in HTTPS, but also IMAPS or SMTPS) and STARTTLS, where the protocol is plain text until the client issues the STARTTLS command, which makes protocols that were designed to TLS-enable plain text only protocols such as IMAP and SMTP (without the 'S'), while keeping the port number.

That was the point of this note. And of course there are even more use cases for TLS.

1 comments

Yes, please don't think I'm saying that I think protocols that start off as plain text then upgrade are a good design - I don't. All I mean there is that I've written the code required to fingerprint the implementation those use too, by performing the plain text negotiation before each probe.
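
The plain-text negotiation that precedes the TLS handshake on a STARTTLS service, shown for SMTP as an added example (not code from either commenter). The function names, the `probe.example` and `mail.example` hostnames and the scripted server replies are constructed for illustration.

```python
import socket
import threading

def read_reply(f):
    """Read one SMTP reply; "250-..." lines continue, "250 ..." ends it."""
    lines = []
    while True:
        raw = f.readline()
        if not raw:
            raise ConnectionError("peer closed during plain-text phase")
        lines.append(raw.rstrip(b"\r\n").decode("ascii", "replace"))
        if len(lines[-1]) < 4 or lines[-1][3] != "-":
            return lines[-1][:3], lines

def smtp_plaintext_upgrade(sock, ehlo_name="probe.example"):
    """Plain-text steps of SMTP STARTTLS (RFC 3207); TLS starts after return."""
    f = sock.makefile("rb", buffering=0)  # unbuffered: never read past the last reply
    code, _ = read_reply(f)  # server greeting
    if code != "220":
        raise RuntimeError("unexpected greeting: " + code)
    sock.sendall(b"EHLO " + ehlo_name.encode("ascii") + b"\r\n")
    code, lines = read_reply(f)
    # First reply line is the server name; the rest are extension keywords.
    extensions = [l[4:].split(" ")[0].upper() for l in lines[1:]]
    if code != "250" or "STARTTLS" not in extensions:
        raise RuntimeError("server does not offer STARTTLS")
    sock.sendall(b"STARTTLS\r\n")
    code, _ = read_reply(f)
    if code != "220":
        raise RuntimeError("STARTTLS refused: " + code)
    return extensions  # socket is now where an implicit-TLS port is at byte 0

def constructed_server(sock, offer_starttls):
    """Scripted peer with constructed replies so the example runs offline."""
    f = sock.makefile("rb", buffering=0)
    sock.sendall(b"220 mail.example ESMTP\r\n")
    f.readline()  # EHLO
    ext = b"250-STARTTLS\r\n" if offer_starttls else b""
    sock.sendall(b"250-mail.example\r\n" + ext + b"250 SIZE 1000\r\n")
    if offer_starttls:
        f.readline()  # STARTTLS
        sock.sendall(b"220 Ready to start TLS\r\n")

def run_demo(offer_starttls=True):
    client, server = socket.socketpair()
    t = threading.Thread(target=constructed_server, args=(server, offer_starttls))
    t.start()
    try:
        return smtp_plaintext_upgrade(client)
    finally:
        client.close(); t.join(); server.close()
```

For an implicit-TLS service such as SMTPS or IMAPS, none of these steps exist and the TLS handshake is the first thing sent on the connection.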