Slashdot Mirror

← Back to Stories (view on slashdot.org)

Google Let Root Certificate For Gmail Expire

Posted by Soulskill on from the happens-to-the-best-of-us dept.

Gr8Apes writes: The certificate for Google's intermediate certificate authority expired Saturday. The certificate was used to issue Gmail's certificate for SMTP, and the expiration at 11:55am EDT caused many e-mail clients to stop receiving Gmail messages. While the problem affected most Gmail users using PC and mobile mail clients, Web access to Gmail was unaffected. I guess Google Calendar failed to notify someone.

14 of 104 comments (clear)

  1. Re:Lol by Anonymous Coward · · Score: 5, Funny

    Yeah I only use Tinder for all my communication.

  2. Obligatory XKCD by avgjoe62 · · Score: 5, Funny

    This seems so prophetic now:

    Obligatory XKCD Link

    --

    How come Slashdot never gets Slashdotted?

    1. Re:Obligatory XKCD by snowgirl · · Score: 4, Interesting

      You've likely heard of Memegen, the internal Google meme forum?

      Yeah, that comic is a template, and regularly gets rolled out for random things that we were told to focus on... like "self-driving cars" or "nest" or "ionosphere skydiving VPs"

      --
      WARNING! This girl exceeds the MAXIMUM SAFE standards established by the FDA for BRATTINESS
    2. Re:Obligatory XKCD by X0563511 · · Score: 4, Funny

      Man, 8.8.4.4 never gets any love.

      --
      For large sets, this will be our guide even unto death, for the LORD will work for each type of data it is applied to...
    3. Re:Obligatory XKCD by ralphsiegler · · Score: 4, Interesting

      That 8 stuff is for young-un's, we old timers love our 4.2.2.2 Originally BBN Planet 's DNS server in 1994, now owned by Level 3

  3. LOL ... by gstoddart · · Score: 5, Funny

    I am GRoot.

    --
    Lost at C:>. Found at C.
  4. Re:Lets encrypt by sycodon · · Score: 4, Interesting

    The internet has become one giant Rube Goldberg machine. Way too many parts and dependencies.

    No, I don't have an alternative, but that's not a requirement to point out that the web seems pretty fragile.

    --
    When Fascism comes to America, it will call itself Anti-Fascism, and tell you to give up your guns.
  5. I doubt it by koan · · Score: 3, Insightful

    I just don't see Google slipping up by "forgetting" (how can you excuse that in this day and age?)
    I think something else happened.

    --
    "If any question why we died, Tell them because our fathers lied."
    1. Re:I doubt it by gstoddart · · Score: 3, Interesting

      Honestly, Microsoft has let the domain for Hotmail expire. In fact, they've done it more than once.

      Never underestimate the human capacity to fuck something up.

      --
      Lost at C:>. Found at C.
  6. Re:And the layman's translation is what again? by wonkey_monkey · · Score: 4, Funny

    As much as I like to take issue when a summary truly is unenlightening and makes unreasonable expectations of readers, I don't think this is such a case. Slashdot isn't a general news site, and does have a specific target readership, the vast majority of which are going to know what a certificate is and what SMTP is.

    And anyway, whose mother? Some mothers would need the meaning of "ISP" spelled out for them over several sentences. Some mothers don't have even a vague grasp of what the internet is. Where do you draw the line?

    At least it wouldn't be over the head of this mom.

    * How does this [-] a normal user?
    * What can they [-] or not do now?
    * What do they have [-] watch out for?

    Blimey, if you want to talk about clarity...

    --
    systemd is Roko's Basilisk.
  7. Just clients? by multi+io · · Score: 4, Informative

    The certificate was used to issue Gmail's certificate for SMTP, and the expiration at 11:55am EDT caused many e-mail clients to stop receiving Gmail messages

    If the certificate was "for SMTP", the problem would have affected not just end users, but also peers, i.e. other e-mail providers who wanted to deliver mail to @gmail.com addresses. Or at least they may have automatically fallen back to unencrypted SMTP delivery (which was pretty much the default before Snowden, but anyway).

  8. title wrong by fugas · · Score: 5, Informative

    "Google Internet Authority G2" is NOT a root certificate (subject != issuer).

  9. Google has been degrading rapidly. by Futurepower(R) · · Score: 3, Interesting

    wonkey_monkey, I'm guessing you are actually wonkey_human.

    Yes, I think I have an explanation. Google has been degrading rapidly. More and more Google is out of control. To me, that is very sad. For years, Google was an amazingly excellent company.

    The Google traffic map near Portland, Oregon shows traffic accidents in Seattle, 3 hours away. The design of the text in the upper left corner of Google maps is very poor.

    There are many other issues of that nature.

  10. Re:Why is it good that certificates expire? by Anonymous Coward · · Score: 4, Informative

    From IBM:

    Question
    FAQ: Why do certificates have an expiration date? (SCI97674)
    Answer
    Digital certificates are breakable and are only considered to be secure for a limited period of time.? As of 2006, a? certificate based on? the standard? 1024 bit encryption string is only considered to be secure for 1-2 years and so certificates should expire and be replaced after no more than 2 years. Note