Hi, I really like Aquamail, it's by far the best of the email clients out there for Android. However, I'd just like to say that this prompt really has quite an annoying impact for me, and I suspect others as this CA becomes more popular.
I switched to using let's encrypt (google it) for my SSL certificates, and they expire every 3 months (and renew more frequently than that - about every 1-2 months). This means I have to renew the certificates by accepting this dialog for all my devices and the rest of my family's devices every month or two, which is quite irritating. Sadly, let's encrypt won't change this policy (it's quite understandable why they're doing it this way, if you read their FAQ), but it means the usability experience for anyone using let's encrypt with your email program really is quite annoying.
It'd be great if "strict" checking checked for validity vs either the system keychain or a keychain of my devising rather than showing everyone that "hey, let's encrypt autorefreshed, AGAIN". I really don't want to use "loose" checking, because why did I even bother with getting valid SSL certificates in the first place then?
What should matter for strict ssl is that the certificate hostname is valid, the certificate is in date, it's still signed by let's encrypt and it hasn't appeared on one of the revocation lists. It'd be great if your application followed this.
Thanks!
Edit: apologies for the accidental necro with this post to the wrong thread earlier