[Cryptography] How to get really paranoid

Jerry Leichter leichter at lrw.com
Sat Sep 7 19:03:54 EDT 2013

So I'm reading some of the recent threads here, and all of a sudden, Mail.app warns me of a problem with a cert.  I have an old, essentially unused, Yahoo email address that came along for free when I got DSL from AT&T years ago.  As with all my email connections, I require SSL - which may be about as effective as tossing salt over my shoulder, but hey, it's still the best we've got.  It's been working fine - well, the servers are noticeably slow - for years.  All of a sudden, I'm told by Mail.app that it can't verify the cert for connecting to smtp.att.yahoo.com because it was signed by an unknown authority.  Its signer is DigiCert - it's a "DigiCert High Assurance CA-3" signing certificate.  Expires on November 13 of this year.

Bizarre.  Time to replenish my stocks of aluminum foil.  :-)

                                                        -- Jerry

More information about the cryptography mailing list