Gmail and SSL
john-nanog at johnpeach.com
Fri Dec 14 15:51:30 UTC 2012
On Fri, 14 Dec 2012 09:47:03 -0600
Randy <nanog at afxr.net> wrote:
> I'm hoping to reach out to google's gmail engineers with this message,
> Today I noticed that for the past 3 days, email messages from my
> personal website's pop3 were not being received into my gmail inbox.
> Naturally, I figured that my pop3 service was down, but after some
> checking, every thing was working OK. I then checked gmail settings, and
> noticed some error.
> It explained that google is no longer accepting self signed ssl
> certificates. It claims that this change will "offer[s] a higher level
> of security to better protect your information".
> I don't believe that this change offers better security. In fact it is
> now unsecured - I am unable to use ssl with gmail, I have had to select
> the plain-text pop3 option.
> I don't have hundreds of dollars to get my ssl certificates signed, and
> to top it off, gmail never notified me of an error with fetching my
> mail. How many of email accounts trying to grab mail are failing now? I
> bet thousands, as a self signed certificate is a valid way of encrypting
> the traffic.
Their certs are free and, from what I hear, are accepted by Google.
More information about the NANOG