Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] google ca

Eric S Johnson crates at oneotaslopes.org
Fri Feb 28 02:26:41 PST 2014


My OpenPGP client (SED) uses user-approved pinning to decide whether to accept a never-before-seen certificate when connecting using TLS/SSL to send/receive e-mail via SMTP/POP3.

 

Recently it’s been asking me to approve new certificates for each of Google’s many mail servers (I see many of them because I travel a lot internationally and Google seems to load-share based on geography). (I see the same thing for other large free e-mail providers, but none even fractionally as many servers as Google. I think I’ve seen about 35 for Google.)

 

The new certs all use “Google CA” as their CA. I assume this is legit, but do any of you know for sure? (I haven’t seen much online about it.)

 

Best,

Eric

OpenPGP <http://keyserver.pgp.com/vkd/DownloadKey.event?keyid=0xE0F58E0F1AF7E6F2> : 0x1AF7E6F2 ● Skype: oneota ● XMPP/OTR: berekum at jabber.ccc.de <mailto:berekum at jabber.ccc.de>  ● Silent Circle: +1 312 614-0159

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20140228/a7ded379/attachment.html>


More information about the liberationtech mailing list