[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Network security manager
From: |
Lars Magne Ingebrigtsen |
Subject: |
Re: Network security manager |
Date: |
Tue, 18 Nov 2014 23:37:40 +0100 |
User-agent: |
Gnus/5.130012 (Ma Gnus v0.12) Emacs/24.4.51 (gnu/linux) |
Toke Høiland-Jørgensen <address@hidden> writes:
> Well, according to the documentation:
> http://www.gnutls.org/manual/html_node/Verifying-X_002e509-certificate-paths.html
>
> GNUTLS_CERT_SIGNER_NOT_CA means:
>
> "The certificate’s signer was not a CA. This may happen if this was
> a version 1 certificate, which is common with some CAs, or a version
> 3 certificate without the basic constrains extension."
>
> Whereas GNUTLS_CERT_SIGNER_NOT_FOUND is the common "we don't trust
> whoever signed this". So I'd think that GNUTLS_CERT_SIGNER_NOT_FOUND
> would be returned for all self-signed certificates, and possibly
> GNUTLS_CERT_SIGNER_NOT_CA in addition. If GNUTLS_CERT_SIGNER_NOT_CA is
> returned for a legitimately signed certificate (from the trust store),
> the CA is probably doing something wrong.
Right. I've now tweaked the values returned so that we get the
:self-signed error for SIGNER_NOT_FOUND, which should make more sense to
the user.
--
(domestic pets only, the antidote for overdose, milk.)
bloggy blog: http://lars.ingebrigtsen.no
- Re: Network security manager, (continued)
- Re: Network security manager, Lars Magne Ingebrigtsen, 2014/11/19
- Re: Network security manager, Toke Høiland-Jørgensen, 2014/11/19
- Re: Network security manager, Lars Magne Ingebrigtsen, 2014/11/19
- Re: Network security manager, Toke Høiland-Jørgensen, 2014/11/19
- Re: Network security manager, Ted Zlatanov, 2014/11/18
- Re: Network security manager, Lars Magne Ingebrigtsen, 2014/11/18
- Re: Network security manager, Toke Høiland-Jørgensen, 2014/11/18
- Re: Network security manager,
Lars Magne Ingebrigtsen <=
- Re: Network security manager, Toke Høiland-Jørgensen, 2014/11/18
- Re: Network security manager, Lars Magne Ingebrigtsen, 2014/11/18
- Re: Network security manager, Toke Høiland-Jørgensen, 2014/11/18
- Re: Network security manager, Lars Magne Ingebrigtsen, 2014/11/18
- Re: Network security manager, Ted Zlatanov, 2014/11/18
- Re: Network security manager, Lars Magne Ingebrigtsen, 2014/11/18
- Re: Network security manager, Glenn Morris, 2014/11/18
- Re: Network security manager, Daniel Colascione, 2014/11/18
- Re: Network security manager, Eli Zaretskii, 2014/11/18
- Re: Network security manager, Steinar Bang, 2014/11/22