[PATCH] Re: Implement SSL certificate checking
js at sig21.net
Tue Dec 14 20:34:54 GMT 2010
On Tue, Dec 14, 2010 at 01:37:39PM -0600, Sebastian Spaeth wrote:
> Me too, I actually never thought about certificate validation, but given
> that it was never done, I could just as well have used non-SSL on the
> airport :-(. So I will be glad if this goes in in one way or the other.
FWIW, certificate validation is sadly insufficient, that's why
I'm advocating the ssh-style fingerprint check.
It's the same with webbrowsers, you can read a bit
about it here:
E.g. when mutt connects via imaps it asks you if you accept
the certificate, and if you accept it permanently it is
saved into ~/.mutt_certificates and compared on next connect.
More information about the OfflineIMAP-project