Re: [PLUG] New gmail fingerprint?

Stephen Gran on 9 Nov 2007 00:46:23 -0000

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] New gmail fingerprint?

From: Stephen Gran <steve@lobefin.net>

To: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>

Subject: Re: [PLUG] New gmail fingerprint?

Date: Fri, 9 Nov 2007 00:46:14 +0000

Mail-followup-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>

Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>

Sender: plug-bounces@lists.phillylinux.org

User-agent: Mutt/1.5.13 (2006-08-11)

On Thu, Nov 08, 2007 at 07:35:09PM -0500, John Lavin said: > Hello All- > > I don't know if I'm the only one that started getting crontab error > notifications from my fetchmail to my gmail account. I use a POP over > ssl connection, and this has been working just fine since about March > when I set it up originally. After troubleshooting, and running > manual connections, everything seemed fine, except I noticed the > fingerprint I had defined in my fetchmailrc was different than the one > now coming back. > > Old: 59:51:61:89:CD:DD:B2:35:94:BB:44:97:A0:39:D5:B4 > > New: 44:A8:E9:2C:FB:A9:7E:6D:F9:DB:F3:62:B2:9E:F1:A9 > > Anyone else notice this? Should I be concerned about this? They've apparently made some fairly big changes to their network, as they're suddenly offering IMAP (US customers only, currently, although easy to fool if you set your preferences to US english long enough to enable IMAP) so I wouldn't be surprised if they shuffeled servers at the same time. I'm not sure, in the general sense, that's it's useful to rely on a single server fingerprint for a big farm like google. It's probably more useful to look at what CA signs the server fingerprints and decide whether or not you trust that. They will likely move servers out from under you in the future, creating more needless make work. And the point of the SSL validation is to decide that this is google, keeper of all your mail and indexer of all your information^Wporn^W^W^W^W^W^W^W^W^W^W^W really good thing I swear, after all, not that this is some random machine that has a given fingerprint. -- -------------------------------------------------------------------------- | Stephen Gran | "Debian: no hats or reptiles were | | steve@lobefin.net | harmed in the making of this | | http://www.lobefin.net/~steve | distribution= ." -- Paul Slootman | --------------------------------------------------------------------------
Attachment: signature.asc
Description: Digital signature

___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug

References:

[PLUG] New gmail fingerprint?
From: John Lavin <jlavin@linuxtech.com>

Prev by Date: [PLUG] New gmail fingerprint?

Next by Date: Re: [PLUG] remote-ish mail

Previous by thread: [PLUG] New gmail fingerprint?

Next by thread: [PLUG] OT? Chumby

Index(es):

Date

Thread