I haven't actually gone and looked at the source code, nor have I directly asked a gmail product manager, but I would be flabbergasted and astounded if it weren't. Google is pressuring the world, in case you hadn't noticed, to use TLS for everything; and there are few things that are juicier attack targets than a cellphone on an open wifi network. -Tim
On Sat, Jun 4, 2011 at 8:59 PM, Udhay Shankar N <[email protected]> wrote: > On 04-Jun-11 8:13 PM, Tim Bray wrote: > >> If by "ssh" you mean "TLS" I believe the answer is yes. > > Just so I am clear, does this mean ALL transactions are SSL-encrypted by > default, not just login? > > I ask because, on my client (gmail v 2.3.4.1 on Android 2.3.3, running > on an HTC Desire S) I can't see any option to turn SSL on. > > Udhay > -- > ((Udhay Shankar N)) ((udhay @ pobox.com)) ((www.digeratus.com)) > >
