[stunnel-users] Confusion regarding part of stunnel.conf

Ludolf Holzheid lholzheid at bihl-wiedemann.de
Sat Feb 12 14:23:29 CET 2011


On Fri, 2011-02-11 17:00:58 -0600, Dave wrote:
>
> [..]
>
> Out of curiosity, how do large corporations handle the installation
> of one of their certs on all of the client machines?  Because it
> seems like that would be a pain!  Like, for example, if one were to
> set up their mail client to handle their gmail account, how does
> Google make the connection to your mail client safe from a MITM
> attack if you've not pre-installed one of their certs?  I guess
> perhaps because they'd have a cert built into the mail client by
> default?

I think those sites use SSL for encryption only. Client authentication
is done by the good old user name/password pair. At least this is the
case for my mail account at GMX.

Ludolf

-- 

---------------------------------------------------------------
Ludolf Holzheid             Tel:    +49 621 339960
Bihl+Wiedemann GmbH         Fax:    +49 621 3392239
Floßwörthstraße 41          e-mail: lholzheid at bihl-wiedemann.de
D-68199 Mannheim, Germany
---------------------------------------------------------------




More information about the stunnel-users mailing list