Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×

+ - Ask Slashdot: Has Gmail's SSL certificate changed, and how would we know?

Submitted by Anonymous Coward
An anonymous reader writes "Recent reports from around the 'net suggest that SSL certificate chain for gmail has either changed this week, or has been widely compromised. Even in less-than-obvious places to look for information, such as Google's Online Security Blog, are silent. At the moment, the blind are leading the blind to blindly trust the new certificates in order to see the dancing bunnies in their emails. The problem isn't specific to gmail, of course, which leads me to ask: What is the canonically-accepted out-of-band means by which a new SSL certificate's fingerprint may be communicated and/or verified by end users?"
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Ask Slashdot: Has Gmail's SSL certificate changed, and how would we know?

Comments Filter:

"Now this is a totally brain damaged algorithm. Gag me with a smurfette." -- P. Buhr, Computer Science 354

Working...