On Wed, Jul 12, Vincent Lefevre wrote: Thanks for the followup.
> "If you connect to a server and use GnuTLS' functions to verify the > certificate chain, and get a GNUTLS_CERT_INSECURE_ALGORITHM validation > error (see Verifying X.509 certificate paths), it means that somewhere > in the certificate chain there is a certificate signed using RSA-MD2 > or RSA-MD5. These two digital signature algorithms are considered > broken, so GnuTLS fails verifying the certificate." It is unlikely that all four used IMAP servers have this issue. But, what do I know about security. > You might want to see where Mutt hangs with OpenSSL. I posted the backtrace. gnutls deals with the timeout, openssl does not. Olaf
signature.asc
Description: PGP signature
