L. David Baron @dbaron@w3c.social · Jun 11, 2019 · 6:19 PM UTC

L. David Baron @dbaron@w3c.social

L. David Baron @dbaron@w3c.social @davidbaron

11 Jun 2019

Anybody else seeing imap.gmail.com using a cert with CommonName invalid2.invalid? (Does anyone else use imap.gmail.com these days?)

L. David Baron @dbaron@w3c.social · Jun 11, 2019 · 6:49 PM UTC

L. David Baron @dbaron@w3c.social · Jun 11, 2019 · 6:49 PM UTC

L. David Baron @dbaron@w3c.social @davidbaron

11 Jun 2019

OK, the underlying problem seems to be that something changed today (probably an upgrade I picked up with Ubuntu updates) that triggered mta.openssl.org/pipermail/op… , and forcing TLS 1.2 fixes things, since imap.gmail.com now requires SNI for TLS 1.3.

Jun 11, 2019 · 6:49 PM UTC

This tweet is unavailable

L. David Baron @dbaron@w3c.social · Jun 11, 2019 · 9:16 PM UTC

L. David Baron @dbaron@w3c.social @davidbaron

11 Jun 2019

Yeah, what I don't know is whether today's system updates (probably the openssl or libssl one) (a) broke fetchmail sending of SNI or (b) made fetchmail start using TLS 1.3

more replies