Mac mail security question

Joe - 29 Dec 2007 18:27 GMT
I got a notice from Mac mail (my .mac account) today that it couldn't verify the
certificate for mail.mac.com. I looked at the certificate and it gave
Verisign as the issuer, then said the certificate was valid.

That doesn't make sense to me, but I'm not as clued in as I might be
about this kind of thing. Does that make sense to anyone here?

Thanks

Joe
Signature

To email me shift the letters in my address back one

Joe - 29 Dec 2007 19:00 GMT
> I got a notice from Mac mail (my .mac account) today that it
> couldn't verify the certificate for mail.mac.com. I looked at the
[quoted text clipped - 3 lines]
> That doesn't make sense to me, but I'm not as clued in as I might be
> about this kind of thing. Does that make sense to anyone here?

I just chatted with mac support (http://www.apple.com/support/dotmac/mail/)
and wound up with a bad feeling. Here's the transcript. If anyone
knows something about this I'd appreciate a clue.

   You are chatting with Don, an Apple Expert

   Hi, my name is Don. Welcome to Apple!

   Joe Halpin: I got an error from Mac mail that said it couldn't
   verify the certificate for mail.mac.com, when I looked at the
   details on the certificate it said it was issued by Verisign, and
   was valid, what's up?

   Joe Halpin: Also, am I talking to someone from apple or someone
   at akamai.net?

   Don: You are chatting with .Mac support at Apple. I have not seen
   this issue regarding a certificate from Verisign, where was it
   addressed from?

   Joe Halpin: I don't know what you mean. It appeared as an error
   dialog when Mac mail started.

   Joe Halpin: Also, why is the certificate for this chat from
   akamai.net?

   Joe Halpin: And if you're from apple, why am I connected to
   sales.liveperson.net?

   Don: I am not sure why you received the verisign certificate,
   does this only occur when opening mail application and not when
   you check web mail?

   Don: Yes I am with Apple, I am checking your other questions.

   Joe Halpin: It's happened while the application was running as
   well.

   Don: I'll be right with you.

   ...

   Don: Thanks for waiting, we have seen this before randomly coming
   up and our team is investigating the issue. Currently I do not
   have a resolution for you, and do apologize for this and am sorry
   for any inconvenience this has caused.

   Joe Halpin: Ok, but as to my other questions, given that I'm
   asking about security, can you tell me why, if you're from Apple,
   your certificate is from akamai.net, and why I'm connected to
   sales.liveperson.net rather than apple.com?

   Don: Checking into this one moment please.

   Don: What you are seeing in this chat is part of our
   infrastructure for chat, I am sorry as I cannot discuss that
   further as that relates to internal Apple information.

I'd love to know if this makes sense.

Thanks

Joe
Signature

To email me shift the letters in my address back one

Bruce Barnett - 30 Dec 2007 12:59 GMT
> I'd love to know if this makes sense.

You haven't provided enough information to really diagnose the problem.
For instance, you say the certificate was signed by verisign.
That's not enough info.

What you really need is to look at the certificate, find out who it
was issued to (Common Name or CN), and then find out who signed it.

For instance, when I go to https://gmail.com and examine the
certificate, this is what I discover.

The common name is mail.google.com
The certificate was issued by Thawte SGC CA

Thawte's certificate was signed by Verisign Class 3 Primary
Certificate Authority.

In simple words, there are three certificates (public/private keys) involved.
       1) mail.google.com
       2) Thawte
       3) Verisign.

#2 signed #1, and #3 signed #2.

#3 should be installed in your browser by default.

Now look at the certificate you get, and trace the details.  A fake
site can generate certificate #1, and sign it themselves, and pretend
to be anyone. But unless it's signed by one of the "official"
certificate authorities (such as Certificate #3 above), it's
meaningless.

BTW - I'm using Firefox on a Linux box, and I have about 100 "built-in"
certificates. I don't have a .Mac account, so I cannot check out your
problem.

Signature

Posted via a free Usenet account from http://www.teranews.com
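
The three-certificate chain described in the post above, reproduced as an added example that is not part of the original thread: it builds a root (#3), an intermediate (#2) and a server certificate (#1), plus a self-signed look-alike with the same Common Name, and checks each against the trusted root. It assumes the `openssl` command-line tool is installed; all names are constructed for the demo.

```shell
# Constructed demo; every name below (Demo Root CA, mail.example.test) is made up.
# Create a key and a certificate signing request: $1 = file stem, $2 = Common Name.
mkreq() {
    openssl req -new -newkey rsa:2048 -nodes -subj "/CN=$2" \
        -keyout "$1.key" -out "$1.csr"
}

# Build the chain plus a look-alike in directory $1 (runs in a subshell).
build_chain() (
    set -e
    cd "$1"
    # Extensions that mark a certificate as a CA allowed to sign others.
    printf 'basicConstraints=critical,CA:TRUE\nkeyUsage=critical,keyCertSign\n' > ca.ext
    mkreq root "Demo Root CA"
    mkreq int  "Demo Intermediate CA"
    mkreq leaf "mail.example.test"
    mkreq fake "mail.example.test"
    # 3: root, self-signed; the only certificate the client trusts
    openssl x509 -req -in root.csr -signkey root.key -days 30 \
        -extfile ca.ext -out root.pem
    # 2: intermediate, signed by 3
    openssl x509 -req -in int.csr -CA root.pem -CAkey root.key \
        -CAcreateserial -days 30 -extfile ca.ext -out int.pem
    # 1: server certificate, signed by 2
    openssl x509 -req -in leaf.csr -CA int.pem -CAkey int.key \
        -CAcreateserial -days 30 -out leaf.pem
    # Look-alike: same Common Name as 1, but signed only with its own key
    openssl x509 -req -in fake.csr -signkey fake.key -days 30 -out fake.pem
) >/dev/null 2>&1

# Print who each certificate was issued to and who signed it.
trace() {
    for c in leaf int root fake; do
        openssl x509 -noout -subject -issuer -in "$1/$c.pem"
    done
}

# Succeeds only if $1/$2 chains, via the intermediate, to the trusted root.
check() {
    openssl verify -CAfile "$1/root.pem" -untrusted "$1/int.pem" "$1/$2" \
        >/dev/null 2>&1
}

demo=$(mktemp -d)
build_chain "$demo"
trace "$demo"
check "$demo" leaf.pem && echo "leaf.pem: chains to the trusted root"
check "$demo" fake.pem || echo "fake.pem: rejected, no path to the trusted root"
rm -rf "$demo"
```

In the `trace` output the look-alike shows the same subject as the real server certificate; only its issuer line, which names itself, gives it away.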

Joe - 30 Dec 2007 15:52 GMT
...

Thanks, I'll check this out next time it shows up.

Joe
Signature

To email me shift the letters in my address back one

Sharon Fink - 30 Dec 2007 16:15 GMT
> I'd love to know if this makes sense.

Yes, it does - sort of.

You were using mail.app when you got the invalid certificate notice? I
see this occasionally for one mail server that I access. As soon as
someone updates the certificate, it goes away. When that certificate's
expiration comes up, I will see it again unless someone was more on top
of things and got the certificate updated in a timely manner. Apple just
had a major failure with a .mac mail server a few weeks ago. It's also
the middle of the holiday season in the US. So - my guess is someone
simply goofed and the certificate wasn't updated on schedule.

ASIDE: I have a dotmac mail account, use mail.app and haven't seen this
message for this server. I also ran "Get Mail" before posting and it
still was okay. The message did pop up for that other server for one day
last week so I know the notice mechanism in Mail is still working.

For the other - it's not unusual for companies to use akamai.net for
hosting. If not to directly host a particular part of their online
service, it will pick up "overflow." I saw a rumor that Apple was
farming out online support but don't know if that's true or not. Bottom
line, it's up to you but I would be inclined to accept Don's assertion
that he is Apple tech support.

The "sales.liveperson" designation - it may be that Apple's chat
application is used by both their online support and online sales (they
have a link on their store pages for "liveperson" help).

I don't see anything glaringly unusual but when you're checking on a
security certificate, I can understand seeing creepy crawlies everywhere
until the situation is resolved or explained.
Signature

Sharon F

Joe - 31 Dec 2007 00:13 GMT
>> I'd love to know if this makes sense.
>
[quoted text clipped - 8 lines]
> the middle of the holiday season in the US. So - my guess is someone
> simply goofed and the certificate wasn't updated on schedule.

Ahh, didn't know that, thanks.

...

> The "sales.liveperson" designation - it may be that Apple's chat
> application is used by both their online support and online sales (they
[quoted text clipped - 3 lines]
> security certificate, I can understand seeing creepy crawlies everywhere
> until the situation is resolved or explained.

Yeah, maybe I'm being overly paranoid. Thanks

Joe
Signature

To email me shift the letters in my address back one

Bruce Barnett - 31 Dec 2007 12:50 GMT
> Yeah, maybe I'm being overly paranoid. Thanks

IMHO It's a very good idea to have a sense of suspicion when something
unusual occurs.

Signature

Posted via a free Usenet account from http://www.teranews.com

Sharon Fink - 31 Dec 2007 21:48 GMT
> IMHO It's a very good idea to have a sense of suspicion when something
> unusual occurs.

I think so too. I just wish I didn't start itching so much whenever
creepy-crawly mode sets in. I also think it's a good idea to bounce
suspicions against a group like this. Hopefully doing so will yield some
peace of mind and in some cases <ahem> make the itching stop. ;-)
Signature

Sharon F

 