GMail, POP, and TLS server certificate verification
TIL that GMail has apparently spent years not verifying that the hostname of the remote POP server it was connecting to was included in the server's TLS certificate.
Like the more common and more recent IMAP, POP is a protocol used to retrieve email from email servers. GMail has for many years supported pulling email from your account elsewhere into GMail by logging in to it with POP and directly grabbing the mail (presumably using POP instead of IMAP because the POP protocol is a lot simpler).
(As a side note, this necessarily involves giving GMail the credentials for your POP account.)
Our local IMAP server also supports POP (over TLS) and has for a long time, and various people here who use GMail use this GMail feature to retrieve email from their account here (rather than directly forwarding it to GMail). This has worked for years, but recently we got a report from a user that GMail was now reporting SSL errors. Specifically, the error reported to us was saying:
Server returned error "SSL error: ok Hostname "pop.cs.toronto.edu" doesn't match any SANs: "imap.cs...."
For historical reasons, our IMAP server has multiple names in DNS. However, some time many years ago when we were rolling over TLS certificates for it, we neglected to get the TLS certificate for anything other than its primary name. So for years and years, anything connecting to it by any of those alternate names was being presented with a TLS certificate that failed the second half of TLS certificate verification: it chained to a trusted CA, but the name being connected to was not among the names (the subjectAltName entries) it had been issued for. A client that checks only the signature chain accepts such a certificate; a client that also checks the hostname rejects it, which is exactly what GMail's error message says it is now doing.
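The two halves of that check, as an added example that is not part of this post or of GMail's code: a small hostname-against-SAN matcher in the style of RFC 6125 (exact match or a wildcard as the whole left-most label, CN ignored), run over a constructed peer certificate dict in the shape Python's ssl.getpeercert() returns, plus a POP3-over-TLS client context where the one flag that separates "chain only" from "chain and hostname" is visible. The certificate contents, the host names, and the POP3 login helper are assumptions for illustration; imap.cs.toronto.edu is simply the SAN the error message above shows.

```python
import poplib
import ssl

# Constructed peer certificate in the shape ssl.SSLSocket.getpeercert()
# returns. The names are assumed for illustration: the certificate was
# issued for imap.cs.toronto.edu only, mirroring the post's error message.
CONSTRUCTED_PEER_CERT = {
    "subject": ((("commonName", "imap.cs.toronto.edu"),),),
    "subjectAltName": (("DNS", "imap.cs.toronto.edu"),),
}


def _dns_id_matches(pattern: str, hostname: str) -> bool:
    """RFC 6125 style DNS-ID match: case-insensitive, a wildcard is only
    allowed as the entire left-most label, and it matches exactly one label."""
    pattern = pattern.lower().rstrip(".")
    hostname = hostname.lower().rstrip(".")
    if "*" not in pattern:
        return pattern == hostname
    pat_labels = pattern.split(".")
    host_labels = hostname.split(".")
    # Wildcard must be the whole first label and must leave at least two
    # labels after it, so "*.com" or "p*p.example" never match anything.
    if pat_labels[0] != "*" or len(pat_labels) < 3:
        return False
    if len(host_labels) != len(pat_labels):
        return False
    return pat_labels[1:] == host_labels[1:]


def hostname_in_cert(cert: dict, hostname: str) -> bool:
    """Second half of certificate verification: is the name we dialled
    present in the certificate? Only subjectAltName DNS entries count;
    the commonName fallback is deliberately ignored, as modern verifiers do."""
    sans = [value for kind, value in cert.get("subjectAltName", ()) if kind == "DNS"]
    return any(_dns_id_matches(san, hostname) for san in sans)


def pop3s_context(verify_hostname: bool = True) -> ssl.SSLContext:
    """Client TLS context. verify_hostname=False reproduces the lax behaviour
    the post describes: the chain is still checked, the hostname is not."""
    ctx = ssl.create_default_context()  # CERT_REQUIRED and check_hostname=True
    if not verify_hostname:
        ctx.check_hostname = False  # chain still verified, name mismatch accepted
    return ctx


def fetch_pop_message_count(host, user, password, verify_hostname=True):
    """Log in over POP3S (port 995) and return the message count.
    With verify_hostname=True a certificate issued for another name raises
    ssl.SSLCertVerificationError before any credentials are sent.
    Needs a live server, so it is not called at import time."""
    ctx = pop3s_context(verify_hostname)
    conn = poplib.POP3_SSL(host, 995, context=ctx, timeout=30)
    try:
        conn.user(user)
        conn.pass_(password)
        count, _octets = conn.stat()
        return count
    finally:
        conn.quit()
```

With the constructed certificate, hostname_in_cert returns True for imap.cs.toronto.edu and False for pop.cs.toronto.edu, which is the mismatch GMail started reporting. The same check from the command line, for any host and port you administer, is openssl s_client -connect HOST:995 -verify_hostname HOST, whose "Verification" line reports the hostname mismatch separately from chain failures.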
However, GMail only started failing its connection attempts a few days ago for our user; before then pulling email from us via POP over TLS has worked fine. Since the TLS certificate has been improper for that host name for years, I can only conclude that for some reason GMail was accepting it before now. I'm glad they stopped, whatever the reason was (including perhaps silently turning off a flag in the user's settings that previously allowed this).
(GMail may not have been alone in this; apparently Thunderbird spent a long time not verifying this either.)