[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#31946: 27.0.50; The NSM should warn about more TLS problems
From: |
Lars Ingebrigtsen |
Subject: |
bug#31946: 27.0.50; The NSM should warn about more TLS problems |
Date: |
Sun, 08 Jul 2018 16:22:28 +0200 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux) |
Noam Postavsky <npostavs@gmail.com> writes:
> But in Emacs, I'm getting this from gnutls_x509_crt_get_issuer_dn():
>
> "C=US,O=VeriSign\\, Inc.,OU=Class 3 Public Primary Certification Authority"
>
> and this from gnutls_x509_crt_get_dn():
>
> "C=US,O=VeriSign\\, Inc.,OU=VeriSign Trust Network,OU=(c) 2006
> VeriSign\\, Inc. - For authorized use only,CN=VeriSign Class 3 Public
> Primary Certification Authority - G5"
Ah, I see...
> So gnutls is getting this non-matching issuer from somewhere, but it's
> unclear to me where.
Hm...
Oh! I see that gnutls has gotten several variations on these functions
now. For instance:
https://www.gnutls.org/reference/gnutls-x509.html#gnutls-x509-crt-get-issuer-dn3
It says:
"When the flag GNUTLS_X509_DN_FLAG_COMPAT is specified, the output
format will match the format output by previous to 3.5.6 versions of
GnuTLS which was not not fully RFC4514-compliant."
Which I would interpret to mean that the dn3 version of these functions
now return the RFC4515-compliant strings. Perhaps we should call these
newer functions instead of the _dn functions? I guess more #ifdefs and
configure checks will be needed...
--
(domestic pets only, the antidote for overdose, milk.)
bloggy blog: http://lars.ingebrigtsen.no
- bug#31946: 27.0.50; The NSM should warn about more TLS problems, Eli Zaretskii, 2018/07/01
- bug#31946: 27.0.50; The NSM should warn about more TLS problems, Lars Ingebrigtsen, 2018/07/03
- bug#31946: 27.0.50; The NSM should warn about more TLS problems, Noam Postavsky, 2018/07/03
- bug#31946: 27.0.50; The NSM should warn about more TLS problems,
Lars Ingebrigtsen <=
- bug#31946: 27.0.50; The NSM should warn about more TLS problems, Lars Ingebrigtsen, 2018/07/08
- bug#31946: 27.0.50; The NSM should warn about more TLS problems, Noam Postavsky, 2018/07/08
- bug#31946: 27.0.50; The NSM should warn about more TLS problems, Lars Ingebrigtsen, 2018/07/08
- bug#31946: 27.0.50; The NSM should warn about more TLS problems, Noam Postavsky, 2018/07/09
- bug#31946: 27.0.50; The NSM should warn about more TLS problems, Lars Ingebrigtsen, 2018/07/22
- bug#31946: 27.0.50; The NSM should warn about more TLS problems, Noam Postavsky, 2018/07/29
- bug#31946: 27.0.50; The NSM should warn about more TLS problems, Lars Ingebrigtsen, 2018/07/08
- bug#31946: 27.0.50; The NSM should warn about more TLS problems, Lars Ingebrigtsen, 2018/07/08
- bug#31946: 27.0.50; The NSM should warn about more TLS problems, Lars Ingebrigtsen, 2018/07/08
- bug#31946: 27.0.50; The NSM should warn about more TLS problems, Lars Ingebrigtsen, 2018/07/08