[Cryptography] How to get really paranoid
leichter at lrw.com
Sat Sep 7 19:03:54 EDT 2013
So I'm reading some of the recent threads here, and all of a sudden, Mail.app warns me of a problem with a cert. I have an old, essentially unused, Yahoo email address that came along for free when I got DSL from AT&T years ago. As with all my email connections, I require SSL - which may be about as effective as tossing salt over my shoulder, but hey, it's still the best we've got. It's been working fine - well, the servers are noticeably slow - for years. All of a sudden, I'm told by Mail.app that it can't verify the cert for connecting to smtp.att.yahoo.com because it was signed by an unknown authority. Its signer is DigiCert - it's a "DigiCert High Assurance CA-3" signing certificate. Expires on November 13 of this year.
Bizarre. Time to replenish my stocks of aluminum foil. :-)
More information about the cryptography