mailing list archives
Re: smtp.comcast.net self-signed certs
From: Owen DeLong <owen () delong com>
Date: Fri, 16 Jan 2009 09:27:48 -0800
On Jan 16, 2009, at 8:54 AM, Tony Finch wrote:
On Fri, 16 Jan 2009, Jeff Mitchell wrote:
You're right; certificate verification was turned on on my end
I'd never had a reason to turn it off (since in recent times the
my mail goes through their gateway, which has never presented an
certificate to me before).
Message submission is very different to inter-domain SMTP. There's
indirection, so the TLS certificate actually verifies the correct
and certificate verification is normal on the client, and correct
certificates are normal on servers. A much better situation.
Sure, but, in that case, it's also perfectly valid to load the self-
root certificate for that SMTP server's cert. chain into the trusted