On Friday, January 17, 2014, 23:10:24, Leonard S. Berkowitz wrote:

> FETCH - Certificate S/N: 011E8403, algorithm: RSA (512 bits),
> issued from 10/5/2012 10:19:13 PM to 9/30/2032 10:19:13 PM, for 1 host(s): 
> pop.gmail.com.

> It occurs repeatedly, every three minutes -- the frequency configured
> for checking mail.

> And should I be concerned about it?

The line is part of the normal TLS handshake, and usually wouldn't
matter. However, the certificate it's announcing doesn't look right -
512bit RSA is insecure (even 1024bit RSA has been phased out), and
nobody issues end-entity certificates that are valid for more than 5
years, so you should check why you're seeing that certificate (it
almost certainly means that somebody is doing a man-in-the-middle
attack with it, thus being able to read all messages you download).

-- 
< Jernej Simončič ><><><><>< http://eternallybored.org/ >

The idea is to die young as late as possible.
       -- Montagu's Maxim


________________________________________________
Current version is 6.1.8 | 'Using TBUDL' information:
http://www.silverstones.com/thebat/TBUDLInfo.html

Reply via email to