From nanog@afxr.net Fri Jul 6 02:33:56 2018 From: Randy To: cypherpunks-legacy@lists.cpunks.org Subject: Gmail and SSL Date: Fri, 06 Jul 2018 02:33:56 +0000 Message-ID: <172289279603.3881296.14464489434147386560.generated@mail.pglaf.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============7617048334383818449==" --===============7617048334383818449== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable I'm hoping to reach out to google's gmail engineers with this message, Today I noticed that for the past 3 days, email messages from my personal=20 website's pop3 were not being received into my gmail inbox. Naturally, I=20 figured that my pop3 service was down, but after some checking, every thing=20 was working OK. I then checked gmail settings, and noticed some error. It explained that google is no longer accepting self signed ssl =20 certificates. It claims that this change will "offer[s] a higher level of=20 security to better protect your information". I don't believe that this change offers better security. In fact it is now=20 unsecured - I am unable to use ssl with gmail, I have had to select the=20 plain-text pop3 option. I don't have hundreds of dollars to get my ssl certificates signed, and to=20 top it off, gmail never notified me of an error with fetching my mail. How=20 many of email accounts trying to grab mail are failing now? I bet=20 thousands, as a self signed certificate is a valid way of encrypting the=20 traffic. Please google, remove this requirement. Source: =20 http://support.google.com/mail/bin/answer.py?hl=3Den&answer=3D21291&ctx=3Dgma= il#strictSSL ----- End forwarded message ----- --=20 Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE --===============7617048334383818449==--