bug-gnu-emacs
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#35787: 26.2; gnutls: accessing raw server certificate data


From: Lars Ingebrigtsen
Subject: bug#35787: 26.2; gnutls: accessing raw server certificate data
Date: Tue, 09 Jul 2019 15:44:42 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux)

Julian Scheid <address@hidden> writes:

> So, to make this work it looks like I'd need either
>
> 1) the fingerprint, but using the hash function as required by the RFC, or
> 2) the certificate as a binary blob.

I think putting the signature itself in the process object (in addition
to all the details) makes some sense, but perhaps it's wastes
unnecessary memory...

There's gnutls-peer-status, and that could also be amended to return the
full certificate.  But, again, that's also called for virtually any TLS
connection.

Perhaps a new function to return the actual certificate?  And perhaps it
should just return the entire certificate chain?

Anybody got an opinion here?

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no





reply via email to

[Prev in Thread] Current Thread [Next in Thread]