On Fri, 2011-02-11 17:00:58 -0600, Dave wrote:
[..]
Out of curiosity, how do large corporations handle the installation of one of their certs on all of the client machines? Because it seems like that would be a pain! Like, for example, if one were to set up their mail client to handle their gmail account, how does Google make the connection to your mail client safe from a MITM attack if you've not pre-installed one of their certs? I guess perhaps because they'd have a cert built into the mail client by default?
I think those sites use SSL for encryption only. Client authentication is done by the good old user name/password pair. At least this is the case for my mail account at GMX. Ludolf -- --------------------------------------------------------------- Ludolf Holzheid Tel: +49 621 339960 Bihl+Wiedemann GmbH Fax: +49 621 3392239 Floßwörthstraße 41 e-mail: lholzheid@bihl-wiedemann.de D-68199 Mannheim, Germany ---------------------------------------------------------------