Hi

On Saturday 18 January 2014 at 4:49:22 PM, in
<mid:[email protected]>, Jernej Simoncic
wrote:


> On Friday, January 17, 2014, 23:10:24, Leonard S.
> Berkowitz wrote:
>> FETCH - Certificate S/N: 011E8403, 
>> algorithm: RSA (512 bits), 
>> issued from 10/5/2012 10:19:13 PM to 9/30/2032 10:19:13 PM, 
>> for 1 host(s): pop.gmail.com.


> However, the certificate it's
> announcing doesn't look right - 512bit RSA is insecure
> (even 1024bit RSA has been phased out), and nobody
> issues end-entity certificates that are valid for more
> than 5 years, so you should check why you're seeing
> that certificate (it almost certainly means that
> somebody is doing a man-in-the-middle attack with it,
> thus being able to read all messages you download).  


My Gmail account log shows:-
         
         FETCH - Initiating TLS handshake
         
         FETCH - Certificate S/N: 0A7AA2766A688E80, 
         algorithm: RSA (2048 bits), 
         issued from 10/09/2013 07:57:39 to 10/09/2014 07:57:39, 
         for 1 host(s): pop.gmail.com.
         
         FETCH - Owner: US, California, Mountain View, 
         Google Inc, pop.gmail.com.
         
         FETCH - Root: generated by avast! antivirus for SSL scanning, 
         avast! Mail Scanner, avast! Mail Scanner Root

         FETCH - TLS handshake complete
         
Maybe it is something to do with your anti-virus, like the Avast! root
certificate with no dates or serial number mentioned in my TLS
handshake? (Avast! does a "man-in-the-middle attack" so that it can
scan my email for nasties.)


-- 
Best regards

MFPA                    mailto:[email protected]

A closed mouth gathers no foot

Using The Bat! v4.0.38 on Windows XP 5.1 Build 2600 Service Pack 3 


________________________________________________
Current version is 6.1.8 | 'Using TBUDL' information:
http://www.silverstones.com/thebat/TBUDLInfo.html

Reply via email to