[159223] in North American Network Operators' Group
Re: Gmail and SSL
daemon@ATHENA.MIT.EDU (Christopher Morrow)
Tue Jan 1 11:18:50 2013
In-Reply-To: <alpine.BSF.2.00.1212310857001.21257@joyce.lan>
Date: Tue, 1 Jan 2013 11:18:38 -0500
From: Christopher Morrow <morrowc.lists@gmail.com>
To: "John R. Levine" <johnl@iecc.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Mon, Dec 31, 2012 at 9:07 AM, John R. Levine <johnl@iecc.com> wrote:
> Also keep in mind that this particular argument is about the certs used to
> submit mail to Gmail, which requires a separate SMTP AUTH within the SSL
> session before you can send any mail. This isn't belt and suspenders, this
> is belt and a 1/16" inch piece of duct tape.
wait, no... this was gmail's pop crawlers gathering mail from remote
pop services wasn't it? (or that was my impression at least).
so this is, I think, an attempt by gmail/google to protect their users
from intermediaries presenting a certificate for 'floof' self-signed
instead of iecc.com ...
-chris
