On 2012-12-15 1:51 AM, Eugen Leitl wrote:
----- Forwarded message from Randy <[email protected]> -----
From: Randy <[email protected]>
Date: Fri, 14 Dec 2012 09:47:03 -0600
To: NANOG list <[email protected]>
Subject: Gmail and SSL
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64;
rv:17.0) Gecko/17.0 Thunderbird/17.0
I'm hoping to reach out to google's gmail engineers with this message,
Today I noticed that for the past 3 days, email messages from my personal
website's pop3 were not being received into my gmail inbox. Naturally, I
figured that my pop3 service was down, but after some checking, every thing
was working OK. I then checked gmail settings, and noticed some error.
It explained that google is no longer accepting self signed ssl
certificates. It claims that this change will "offer[s] a higher level of
security to better protect your information".
I don't believe that this change offers better security. In fact it is now
unsecured - I am unable to use ssl with gmail, I have had to select the
plain-text pop3 option.
From the point of view of the state, the big advantage of SSL
certificates signed by an authority, is that there are plenty of
authorities that will sign anything the state tells them to.
If, for example, your website is e-gold.com, this leads to problems.
Google has a propensity to favor state friendly solutions - more
particularly, solutions friendly to the US Government, but not the
Chinese or Russian government.
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
