Certificate and showing a sign-cert not there
Jochen Bern
Jochen.Bern at binect.de
Wed Feb 9 08:14:49 UTC 2022
On 09.02.22 02:13, Wayne Spivak wrote:
> The vendor I have, which is having the difficulty is still
> saying he gets a self-signed cert… but as I showed in my
> last email after I added Intermediate to the certificate,
> everything was ok.
"*A* self-signed cert" would match the root cert that your have (had?)
in your chain, though it would be unusual that *that* would prompt a
client to complain.
"*Only* a self-signed cert" would likely be some middleboxes' doing. As
justina pointed out, e-mail systems are still not in the habit of doing
full verification of certs, so MitM attacks are definitely possible.
[Still vividly remembers finding that a certain camping ground's WiFi
transparently redirects geusts' SMTP/IMAP to a snooping, SSL-enabled
server ...]
Kind regards,
--
Jochen Bern
Systemingenieur
Binect GmbH
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3449 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://dovecot.org/pipermail/dovecot/attachments/20220209/cbf3eb6e/attachment.bin>
More information about the dovecot
mailing list