Re: "known in advance" public key authentication?

help-gnutls

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: "known in advance" public key authentication?

From:	Florian Weimer
Subject:	Re: "known in advance" public key authentication?
Date:	Sun, 18 Nov 2012 20:53:23 +0100

* Nikos Mavrogiannopoulos:

>>> What do you mean by valid X.509v3? I suppose even the authors of X.509
>>> wouldn't even know what that means :) Anything we could improve?
>> 
>> I managed to create a version 1 certificate with extensions. 8-/

> Was that using certtool or by the API? If it is the former then it is
> indeed a bug, but for the latter I don't know if it's worth the
> complexity of the checks.

No, it was using the APIs.

It might sense to add a best-effort certificate sanity checking
function, with explicit warning that future versions might impose
tighter checks.  I have to think about it.

[Prev in Thread]

Current Thread

[Next in Thread]

Re: "known in advance" public key authentication?, (continued)
- Re: "known in advance" public key authentication?, Ilari Liusvaara, 2012/11/07
- Re: "known in advance" public key authentication?, Florian Weimer, 2012/11/07
  - Re: "known in advance" public key authentication?, Nikos Mavrogiannopoulos, 2012/11/07
    - Re: "known in advance" public key authentication?, Florian Weimer, 2012/11/15
    - Re: "known in advance" public key authentication?, Nikos Mavrogiannopoulos, 2012/11/18
    - Re: "known in advance" public key authentication?, Florian Weimer <=
  - Re: "known in advance" public key authentication?, Ivan Shmakov, 2012/11/07
    - Re: "known in advance" public key authentication?, Daniel Kahn Gillmor, 2012/11/08

Prev by Date: Re: "known in advance" public key authentication?
Next by Date: Example of creating certificate from code using gnutls
Previous by thread: Re: "known in advance" public key authentication?
Next by thread: Re: "known in advance" public key authentication?
Index(es):
- Date
- Thread