[158855] in North American Network Operators' Group
Re: Gmail and SSL
daemon@ATHENA.MIT.EDU (John Peach)
Fri Dec 14 10:51:43 2012
Date: Fri, 14 Dec 2012 10:51:30 -0500
From: John Peach <john-nanog@johnpeach.com>
In-reply-to: <50CB49F7.5050304@afxr.net>
To: nanog@nanog.org
Reply-To: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Fri, 14 Dec 2012 09:47:03 -0600
Randy <nanog@afxr.net> wrote:
> I'm hoping to reach out to google's gmail engineers with this message,
> Today I noticed that for the past 3 days, email messages from my
> personal website's pop3 were not being received into my gmail inbox.
> Naturally, I figured that my pop3 service was down, but after some
> checking, every thing was working OK. I then checked gmail settings, and
> noticed some error.
> It explained that google is no longer accepting self signed ssl
> certificates. It claims that this change will "offer[s] a higher level
> of security to better protect your information".
> I don't believe that this change offers better security. In fact it is
> now unsecured - I am unable to use ssl with gmail, I have had to select
> the plain-text pop3 option.
>
> I don't have hundreds of dollars to get my ssl certificates signed, and
> to top it off, gmail never notified me of an error with fetching my
> mail. How many of email accounts trying to grab mail are failing now? I
> bet thousands, as a self signed certificate is a valid way of encrypting
> the traffic.
http://www.startssl.com/
Their certs are free and, from what I hear, are accepted by Google.
--
John
