On 23 Jun 2020, at 14:35, Bill Cole wrote:
On 23 Jun 2020, at 12:38, Eric Sharakan wrote:
And to the right are two buttons: "Show Details" and "Allow Network
Fetch". I understand the first button, but what exactly does "Allow
Network Fetch" do? I clicked it but it didn't seem to have any
effect.
Nearly all certs these days are not signed directly by 'root' certs
but instead by an intermediate cert. In *some* cases it is possible to
retrieve a needed intermediate cert based on information in the
end-user cert. The retrieved intermediate cert itself can have its own
problems that break verification, such as simple expiration or the use
of obsolete weak algorithms, or it can itself be signed by an unknown
cert rather than by a trusted root.
It should be possible to determine what the problem is by using the
"Show Details" button.
Okay thanks. It turns out I deleted the mail in question, and had not
clicked the "Show Details" button after clicking "Allow Network Fetch".
What I did notice is that the "Allow Network Fetch" remained available
and active, and the warning about missing intermediate certs remained,
so I assume MM was unable to retrieve the intermediate Cert.
The lack of feedback of any kind that clicking "Allow Network Fetch"
actually did anything is not ideal; can this be addressed Benny?
BTW, I remember the intermediate cert was from a CA named "PostSignum CA
4" (apparently from www.postsignum.cz). Any folks on this list familiar
with this CA? Is it safe to install their certs on my Mac (I have
several folks in the Czech Republic with whom I correspond)?
Thanks.
-Eric
--
Bill Cole
[email protected] or [email protected]
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not For Hire (currently)
_______________________________________________
mailmate mailing list
[email protected]
https://lists.freron.com/listinfo/mailmate
_______________________________________________
mailmate mailing list
[email protected]
https://lists.freron.com/listinfo/mailmate
