Security Basics mailing list archives
RE: Gmail and https
From: "Joe Klein" <Josephk () mischoice com>
Date: Mon, 11 Feb 2008 12:58:54 -0600
The reason for that is obvious... the increased hardware overhead for tens of thousands of SSL connections, if not hundreds of thousands of simultaneous SSL connections, for a 'free' service. Plus, anyone who gathers and sends email over unencrypted smtp/pop3/imap are afforded the same protection as unencrypted http-based webmail. -joe -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Mohammad Tina Sent: Monday, February 11, 2008 10:07 AM To: Daniel Jana Cc: security-basics () securityfocus com Subject: Re: Gmail and https Using https://mail.google.com stays with https that weird...why not use ssl for the whole session On Feb 11, 2008 5:59 PM, Daniel Jana <dfjana () gmail com> wrote:
Mohammad Tina wrote:Hi, I notices recently that gmail after you logon the header in the address bar is http not https? is that normal?Yes... if you log in through the regular www.gmail.com address, it will just use ssl for the authentication procedure. Use https://mail.google.com and this way it won't go back to http. Daniel PS - Yahoo does the same and so did hotmail when I last checked.
-- /Mohammad N. Tina
Current thread:
- Gmail and https Mohammad Tina (Feb 11)
- Re: Gmail and https Albert R. Campa (Feb 11)
- Re: Gmail and https Mike Hale (Feb 11)
- RE: Gmail and https Murda Mcloud (Feb 12)
- Re: Gmail and https Mike Hale (Feb 11)
- Message not available
- Re: Gmail and https Mohammad Tina (Feb 11)
- RE: Gmail and https Joe Klein (Feb 11)
- Re: Gmail and https Warren Myers (Feb 11)
- Re: Gmail and https Mohammad Tina (Feb 11)
- Re: Gmail and https Albert R. Campa (Feb 11)
- RE: Gmail and https Joe Klein (Feb 11)
- RE: Gmail and https Ben de Bont (Feb 11)
- RE: Gmail and https Murda Mcloud (Feb 12)
- RE: Gmail and https Joe Klein (Feb 12)
- Re: Gmail and https Security Basic (Feb 13)
- RE: Gmail and https Ben de Bont (Feb 11)
- Re: Gmail and https Steven D. Ellison (Feb 11)