Application Configuration Access Protocol (ACAP) over SSLv3/TLSv1 uses the STARTTLS extension mechanism to provide secure message transport. If the capability is supported by the server it is listed in the ACAP greeting. STARTTLS is only valid in the non-authenticated state. Below is an example of the client-server communication to set-up Secure ACAP.