Security Basics mailing list archives
Re: newbie question
From: nospam <nospam () dranem org>
Date: Thu, 07 Sep 2006 11:41:31 -0300
Yes gmail CAN and DOES [not by default] use SSL When on an untrusted network I start the session from https://gmail.google.com and It Maintains the session in SSL until I log out steve Bora Dal wrote:
I think GMail uses SSL (https://....) by default; it certainly supports it. If you can connect directly to Google, that's probably good enough.Gmail does not use SSL in all phases of the your "mail experience". If you take a look, SSL is used just in the initial login phase, sending your credentials with SSL. The rest of the communication takes place without the cover of encryption. In my opinion the safest gmail use is done through enabling POP3 and SMTP with "delete the mail from gmail mailbox after its retrieved option" set. The mail dropped into the local mailbox should be secured, ofcourse thats another story :) Regards, Bora Dal, CISSP, CISA --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
--------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Re: newbie question, (continued)
- Re: newbie question Ayaz Ahmed Khan (Sep 07)
- Re: newbie question jm (Sep 08)
- Re: newbie question Colin Copley (Sep 05)
- RE: newbie question Robert D. Holtz - Lists (Sep 06)
- Re: newbie question Muiex (Sep 07)
- Re: newbie question krymson (Sep 06)
- Re: newbie question Matt Davis (Sep 07)
- RE: newbie question Bora Dal (Sep 06)
- Message not available
- Re: newbie question Paul Rochford (Sep 07)
- Re: newbie question Matt Davis (Sep 08)
- Message not available
- Re: newbie question nospam (Sep 07)
- RE: newbie question Tom Crimmins (Sep 07)
- Re: newbie question javier rojas (Sep 08)