Hi
On Saturday 18 January 2014 at 4:49:22 PM, in <mid:[email protected]>, Jernej Simoncic wrote: > On Friday, January 17, 2014, 23:10:24, Leonard S. > Berkowitz wrote: >> FETCH - Certificate S/N: 011E8403, >> algorithm: RSA (512 bits), >> issued from 10/5/2012 10:19:13 PM to 9/30/2032 10:19:13 PM, >> for 1 host(s): pop.gmail.com. > However, the certificate it's > announcing doesn't look right - 512bit RSA is insecure > (even 1024bit RSA has been phased out), and nobody > issues end-entity certificates that are valid for more > than 5 years, so you should check why you're seeing > that certificate (it almost certainly means that > somebody is doing a man-in-the-middle attack with it, > thus being able to read all messages you download). My Gmail account log shows:- FETCH - Initiating TLS handshake FETCH - Certificate S/N: 0A7AA2766A688E80, algorithm: RSA (2048 bits), issued from 10/09/2013 07:57:39 to 10/09/2014 07:57:39, for 1 host(s): pop.gmail.com. FETCH - Owner: US, California, Mountain View, Google Inc, pop.gmail.com. FETCH - Root: generated by avast! antivirus for SSL scanning, avast! Mail Scanner, avast! Mail Scanner Root FETCH - TLS handshake complete Maybe it is something to do with your anti-virus, like the Avast! root certificate with no dates or serial number mentioned in my TLS handshake? (Avast! does a "man-in-the-middle attack" so that it can scan my email for nasties.) -- Best regards MFPA mailto:[email protected] A closed mouth gathers no foot Using The Bat! v4.0.38 on Windows XP 5.1 Build 2600 Service Pack 3 ________________________________________________ Current version is 6.1.8 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html

