Google Let Root Certificate For Gmail Expire

← Back to Stories (view on slashdot.org)

Google Let Root Certificate For Gmail Expire

Posted by Soulskill on Tuesday April 7, 2015 @08:38AM from the happens-to-the-best-of-us dept.

Gr8Apes writes: The certificate for Google's intermediate certificate authority expired Saturday. The certificate was used to issue Gmail's certificate for SMTP, and the expiration at 11:55am EDT caused many e-mail clients to stop receiving Gmail messages. While the problem affected most Gmail users using PC and mobile mail clients, Web access to Gmail was unaffected. I guess Google Calendar failed to notify someone.

3 of 104 comments (clear)

Min score:

Reason:

Sort:

Just clients? by multi+io · 2015-04-07 09:41 · Score: 4, Informative

The certificate was used to issue Gmail's certificate for SMTP, and the expiration at 11:55am EDT caused many e-mail clients to stop receiving Gmail messages
If the certificate was "for SMTP", the problem would have affected not just end users, but also peers, i.e. other e-mail providers who wanted to deliver mail to @gmail.com addresses. Or at least they may have automatically fallen back to unencrypted SMTP delivery (which was pretty much the default before Snowden, but anyway).
title wrong by fugas · 2015-04-07 09:52 · Score: 5, Informative

"Google Internet Authority G2" is NOT a root certificate (subject != issuer).
Re:Why is it good that certificates expire? by Anonymous Coward · 2015-04-07 13:28 · Score: 4, Informative

From IBM:

Question
FAQ: Why do certificates have an expiration date? (SCI97674)
Answer
Digital certificates are breakable and are only considered to be secure for a limited period of time.? As of 2006, a? certificate based on? the standard? 1024 bit encryption string is only considered to be secure for 1-2 years and so certificates should expire and be replaced after no more than 2 years. Note