[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Default value of tls-checktrust should be 'ask
From: |
Sascha Wilde |
Subject: |
Re: Default value of tls-checktrust should be 'ask |
Date: |
Tue, 08 Apr 2008 12:55:08 +0200 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/23.0.60 (gnu/linux) |
Jason Rumney <address@hidden> wrote:
> We should also provide an easy way to insert the certificate into a
> local trust store (ie 'ask will allow "always" and "never" as well as
> "yes" and "no" answers) , to give the power over who to trust back to
> the users, rather than allowing companies like Verisign to monopolise
> it. Does gnutls have a local per user store we can use for this?
No need for this, you can always add (or remove) any CAs root
certificate, see tls-checktrust docstring for examples on how to
configure a specific root-cert collection. (and of cause the
documentation for gnutls for further details.)
cheers
sascha
--
Sascha Wilde
God put me on earth to accomplish a certain number of things.
Right now I am so far behind I will never die.
-- Bill Waterson, Calvin and Hobbes