[liberationtech] google ca
Antonio Tenorio Fornés
antoniotenorio at pdi.ucm.es
Fri Feb 28 03:10:47 PST 2014
We have to be careful, I heard about a French government fraud regarding
Google CAs. See
http://www.arnnet.com.au/article/533812/french_government_sub-ca_issues_unauthorized_certificates_google_domains/
Best,
Antonio.
2014-02-28 11:26 GMT+01:00 Eric S Johnson <crates at oneotaslopes.org>:
> My OpenPGP client (SED) uses user-approved pinning to decide whether to
> accept a never-before-seen certificate when connecting using TLS/SSL to
> send/receive e-mail via SMTP/POP3.
>
>
>
> Recently it’s been asking me to approve new certificates for each of
> Google’s many mail servers (I see many of them because I travel a lot
> internationally and Google seems to load-share based on geography). (I see
> the same thing for other large free e-mail providers, but none even
> fractionally as many servers as Google. I think I’ve seen about 35 for
> Google.)
>
>
>
> The new certs all use “Google CA” as their CA. I assume this is legit, but
> do any of you know for sure? (I haven’t seen much online about it.)
>
>
>
> Best,
>
> Eric
>
> OpenPGP<http://keyserver.pgp.com/vkd/DownloadKey.event?keyid=0xE0F58E0F1AF7E6F2>:
> 0x1AF7E6F2 ● Skype: oneota ● XMPP/OTR: berekum at jabber.ccc.de ● Silent
> Circle: +1 312 614-0159
>
> --
> Liberationtech is public & archives are searchable on Google. Violations
> of list guidelines will get you moderated:
> https://mailman.stanford.edu/mailman/listinfo/liberationtech.
> Unsubscribe, change to digest, or change password by emailing moderator at
> companys at stanford.edu.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20140228/4ae4a481/attachment.html>
More information about the liberationtech
mailing list