emacs-devel

Re: [PATCH RFC] GnuTLS: Support TOFU certificate checking.


From: Lars Magne Ingebrigtsen
Subject: Re: [PATCH RFC] GnuTLS: Support TOFU certificate checking.
Date: Wed, 08 Oct 2014 14:18:27 +0200
User-agent: Gnus/5.130012 (Ma Gnus v0.12) Emacs/24.4.50 (gnu/linux)

Toke Høiland-Jørgensen <address@hidden> writes:

> Right, so (just to make sure I'm understanding you right), what you
> propose is to get rid of all the current validation logic in C (i.e. the
> erroring out) and just return something like (<cert hash> <cert
> hostname> <CA validity status>) -- and then make the lisp code work out
> the rest?

Yup, I think that would be more flexible.

I think it would also be nice if the entire cert was also returned (in a
convenient format), so that Emacs can display the pertinent parts while
querying the user about what action to take.

Like "signed by CA foo on date baz for host zot" and so on.

And perhaps display graphically the fingerprint like ssh does?  I have
no idea what's involved there, so I don't know whether that would be
possible (or easy)...

> Right now it seems the C code refuses to even return the opened network
> stream object if validation fails; with this, that would have to change,
> and the C code wouldn't make any policy decisions?

Yup.  But perhaps Ted (or other people) have opinions here.  >"?

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no
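
The split discussed in this message, with the C layer only reporting certificate facts and Lisp deciding policy, sketched in Emacs Lisp as an added example; it is not code from the patch or from Emacs. The `tofu-demo-*` names and the shape of the status plist are assumptions made for illustration.

```elisp
;;; -*- lexical-binding: t -*-
;; Added illustration.  All tofu-demo-* names and the STATUS plist are
;; hypothetical; they are not Emacs or GnuTLS APIs.

(defvar tofu-demo-pins (make-hash-table :test #'equal)
  "Pin store mapping \"host:port\" to the fingerprint seen first.")

(defun tofu-demo-decide (host port status)
  "Return `accept', `ask-new', `ask-changed' or `reject' for HOST:PORT.
STATUS is a plist (:fingerprint STR :hostname STR :ca-valid BOOL) standing
in for what the C layer reports.  Nothing is signalled here."
  (let ((pinned (gethash (format "%s:%s" host port) tofu-demo-pins))
        (fpr (plist-get status :fingerprint))
        (name (plist-get status :hostname)))
    (cond
     ((not (stringp fpr)) 'reject)      ; nothing to pin or compare
     ;; A changed fingerprint is asked about even if the new cert is CA-valid.
     ((and pinned (not (string= pinned fpr))) 'ask-changed)
     (pinned 'accept)
     ;; First contact: CA-valid with a matching name needs no question.
     ;; Simplified exact match; real matching handles wildcards and SANs.
     ((and (plist-get status :ca-valid) (stringp name)
           (string= (downcase host) (downcase name)))
      'accept)
     (t 'ask-new))))

(defun tofu-demo-check (host port status &optional ask)
  "Return non-nil if the stream to HOST:PORT may be used, pinning on approval.
ASK is called with a prompt string and defaults to `yes-or-no-p'."
  (let ((decision (tofu-demo-decide host port status))
        (key (format "%s:%s" host port))
        (fpr (plist-get status :fingerprint)))
    (when (or (eq decision 'accept)
              (and (memq decision '(ask-new ask-changed))
                   (funcall (or ask #'yes-or-no-p)
                            (format "%s certificate for %s, fingerprint %s, CA %s.  Trust it? "
                                    (if (eq decision 'ask-changed) "CHANGED" "Unknown")
                                    key fpr
                                    (if (plist-get status :ca-valid) "valid" "not valid")))))
      (puthash key fpr tofu-demo-pins)
      t)))

;; Constructed sample input: first contact with a self-signed certificate,
;; answered non-interactively with "no" so nothing is pinned.
(tofu-demo-check "mail.example.org" 993
                 '(:fingerprint "sha256:aa11" :hostname "mail.example.org" :ca-valid nil)
                 (lambda (_prompt) nil))
```

A caller that gets nil back is expected to close the stream itself, since in this arrangement the lower layer no longer refuses to return it.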


