On 2017-07-11 21:25:36 +0200, Olaf Hering wrote: > On Tue, Jul 11, Olaf Hering wrote: > > > +USE_SSL_OPENSSL -USE_SSL_GNUTLS +USE_SASL +USE_GSS +HAVE_GETADDRINFO > > I switched from openssl to gnutls, and no issue since then. > > Is there any downside by using gnutls? So far the only issue I noticed > is that during login to every IMAP server I got a msg like 'this > server uses an invalid certificate'.
This might mean that Mutt was hanging on certificate checking with OpenSSL, but with GnuTLS, certificate checking doesn't work at all on your machine, which is a quite serious security issue. BTW, does Mutt also check the certificate status with OCSP with any of them? This is quite important too. -- Vincent Lefèvre <vinc...@vinc17.net> - Web: <https://www.vinc17.net/> 100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/> Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)
