smtp.comcast.net self-signed certs
Tony Finch
dot at dotat.at
Fri Jan 16 16:54:52 UTC 2009
On Fri, 16 Jan 2009, Jeff Mitchell wrote:
> You're right; certificate verification was turned on on my end simply because
> I'd never had a reason to turn it off (since in recent times the majority of
> my mail goes through their gateway, which has never presented an invalid
> certificate to me before).
Message submission is very different to inter-domain SMTP. There's no MX
indirection, so the TLS certificate actually verifies the correct name,
and certificate verification is normal on the client, and correct
certificates are normal on servers. A much better situation.
Tony.
--
f.anthony.n.finch <dot at dotat.at> http://dotat.at/
PORTLAND PLYMOUTH: SOUTHWEST 5 TO 7, INCREASING GALE 8 AT TIMES. ROUGH,
OCCASIONALLY VERY ROUGH IN PLYMOUTH. RAIN OR SHOWERS. MODERATE OR GOOD,
OCCASIONALLY POOR.
More information about the NANOG
mailing list