nanog mailing list archives

Re: Gmail and SSL

From: "Keith Medcalf" <kmedcalf () dessus com>
Date: Sun, 30 Dec 2012 13:30:03 -0700

Your assertion that using "bought" certificates provides any security benefit whatsoever assumes facts not in evidence.

Given recent failures in this space I would posit that the requirement to use certificates purchased from entities 
"under the thumb" of government control, clearly motivated only by profit, and with highly questionable moral and 
ethical standards represents a huge increase in risk of passive attack and confidentiality failure where such rosk did 
not previously exist.


Sent from Samsung Mobile

-------- Original message --------
From: Jimmy Hess <mysidia () gmail com> 
Date:  
To: Randy <nanog () afxr net> 
Cc: NANOG list <nanog () nanog org> 
Subject: Re: Gmail and SSL

Current thread:

Re: Gmail and SSL, (continued)
- - - Re: Gmail and SSL Eugen Leitl (Dec 14)
    - Re: Gmail and SSL Christopher Morrow (Dec 14)
- Re: Gmail and SSL Peter Kristolaitis (Dec 14)
  - Re: Gmail and SSL Maxim Khitrov (Dec 14)
  - RE: Gmail and SSL Matthew Black (Dec 14)
    - Re: Gmail and SSL Peter Kristolaitis (Dec 14)
    - Re: Gmail and SSL Christopher Morrow (Dec 14)
    - Re: Gmail and SSL Jasper Wallace (Dec 20)
  - Message not available
    - Re: Gmail and SSL Peter Kristolaitis (Dec 29)
- Re: Gmail and SSL Jimmy Hess (Dec 29)
- Re: Gmail and SSL Keith Medcalf (Dec 30)
  - Re: Gmail and SSL Christopher Morrow (Dec 30)
  - Re: Gmail and SSL Jimmy Hess (Dec 30)
    - Re: Gmail and SSL John Levine (Dec 30)
    - Re: Gmail and SSL Jimmy Hess (Dec 30)
    - Re: Gmail and SSL Rich Kulawiec (Dec 31)
    - Re: Gmail and SSL John R. Levine (Dec 31)
- Re: Gmail and SSL Keith Medcalf (Dec 30)