Marek Isalski, Entropy Source
NHS.net Mail Certificates
A quick look at the NHSmail Certificate presented on STARTTLS over SMTP:
> openssl s_client -starttls smtp -bugs -connect smtp.nhs.net:25 -showcerts CONNECTED(00000004) depth=0 /C=US/ST=California/L=Sunnyvale/O=Mirapoint, Inc./OU=MAS/CN=myname.my.domain/emailAddress=postmaster@myname.my.domain verify error:num=20:unable to get local issuer certificate verify return:1 depth=0 /C=US/ST=California/L=Sunnyvale/O=Mirapoint, Inc./OU=MAS/CN=myname.my.domain/emailAddress=postmaster@myname.my.domain verify error:num=27:certificate not trusted verify return:1 depth=0 /C=US/ST=California/L=Sunnyvale/O=Mirapoint, Inc./OU=MAS/CN=myname.my.domain/emailAddress=postmaster@myname.my.domain verify error:num=21:unable to verify the first certificate verify return:1 [snip]
Emails to the Information Governance Team at Connecting for Health programme have, of course, been sent in.