Re: [cryptography] Gmail and SSL

One could require the user to specify/confirm a certificate fingerprint on gmail in such a case. That way you're MitM proof, even with a self signed certificate.