8
1
I use gmail with mutt over imap. imaps://imap.gmail.com:993
Today when I launched mutt, it prompted me to reject or accept a certificate. Screenshot:
q:Exit ?:Help
This certificate belongs to:
Google Internet Authority
Google Inc
US
This certificate was issued by:
Equifax
Equifax Secure Certificate Authority
US
This certificate is valid
from Wed, 12 Dec 2012 15:58:50 UTC
to Tue, 31 Dec 2013 15:58:50 UTC
SHA1 Fingerprint: 5967 6E6B DD9F 4D9D DAE6 A15D 9DBC DF24 357C F776
MD5 Fingerprint: 5799 FA8E 83BC E022 0721 988A 0172 7ECB
-- Mutt: SSL Certificate check (certificate 1 of 2 in chain)
(r)eject, accept (o)nce, (a)ccept always
How can I verify that this really is the right certificate? Should I be making sure the fingerprints match?
1So, ideally, Google would publish the fingerprints for their various fingerprints. I feel like if I hit accept, I'm blindly trusting this certificate, since I don't know where to access a known legit copy. – djeikyb – 2013-04-30T20:10:39.280
Also, since the cert claims to be issued by Equifax, is there a way to verify that instead of the fingerprints for gmail's imap? – djeikyb – 2013-04-30T22:41:02.677