Kevin J. McCarthy writes:
> Hi Everyone,
>
> I think it's getting time for a default-branch release. I'm just going
> to work on a few more small things this week (including seeing if I can
> get the kyoto cabinet in), and then I'd like to start a translation
> freeze.
One thing I'd like to see fixed in a release, or at least explained, is expired
certificates handling.
set certificate_file="~/.mutt/certificates"
Since I started using the current config, the file has grown to 81 entries,
most of them from Google as they roll over their gmail certs frequently. As it
turns out, more than 60 of them are expired. Recently, after upgrading from
1.7.1 to 1.7.2 (and tested tip, too), I got this when logging into gmail:
Server certificate has expired
This certificate belongs to:
Google Internet Authority G2
Unknown
Google Inc
Unknown
Unknown
Unknown
US
This certificate was issued by:
GeoTrust Global CA
Unknown
GeoTrust Inc.
Unknown
Unknown
Unknown
US
This certificate is valid
from Apr 5 15:15:55 2013 GMT
to Dec 31 23:59:59 2016 GMT
(r)eject, accept (o)nce
The same certificates file worked fine in 1.7.1. It looks like previous
versions worked their way through it until a matching and valid cert was found,
and this is no longer the case.
I don't know if this behaviour is intentional. I had to write my own tool to
weed out expired certificates.
