On 9/18/06, Tim McCormack <[EMAIL PROTECTED]> wrote:
After you login (which is on a https://www.google.com address), you are
redirected (with auth tokens) to a http://mail.google.com/ address.
There seem to be two issues:
1) Is Gmail secure with regard to the exit node, even when entering on
https://www.gmail.com/?
2) Is the Tor network leaking data with Gmail?
- Tim
If you use https://mail.google.com/ to login, then you will remain
using https after you log in. If you use https://www.gmail.com/ to
login, you won't. This is covered in one of gmail's FAQs.
(Incidently, it also seems to work to go to https://www.gmail.com/ and
then change the "continue=http" to "continue=https" in the url).
Is this the solution, or is the issue something different?
Anthony
