nanog mailing list archives
Re: Gmail and SSL
From: Christopher Morrow <morrowc.lists () gmail com>
Date: Tue, 1 Jan 2013 11:18:38 -0500
On Mon, Dec 31, 2012 at 9:07 AM, John R. Levine <johnl () iecc com> wrote:
Also keep in mind that this particular argument is about the certs used to submit mail to Gmail, which requires a separate SMTP AUTH within the SSL session before you can send any mail. This isn't belt and suspenders, this is belt and a 1/16" inch piece of duct tape.
wait, no... this was gmail's pop crawlers gathering mail from remote pop services wasn't it? (or that was my impression at least). so this is, I think, an attempt by gmail/google to protect their users from intermediaries presenting a certificate for 'floof' self-signed instead of iecc.com ... -chris
Current thread:
- Re: Gmail and SSL Christopher Morrow (Jan 01)
- <Possible follow-ups>
- Re: Gmail and SSL Keith Medcalf (Jan 01)
- Re: Gmail and SSL Christopher Morrow (Jan 01)
- Re: Gmail and SSL Matthew Palmer (Jan 01)
- Re: Gmail and SSL Mike Jones (Jan 01)
- Re: Gmail and SSL Jimmy Hess (Jan 02)
- Re: Gmail and SSL Scott Howard (Jan 01)
- Re: Gmail and SSL Keith Medcalf (Jan 01)
- Re: Gmail and SSL Valdis . Kletnieks (Jan 02)
- Re: Gmail and SSL Steven Bellovin (Jan 02)
- Re: Gmail and SSL Randy Bush (Jan 02)
- Re: Gmail and SSL Steven Bellovin (Jan 02)
(Thread continues...)