[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Help-gnutls] Re: CA cert verification
From: |
Martin Lambers |
Subject: |
Re: [Help-gnutls] Re: CA cert verification |
Date: |
Wed, 24 Aug 2005 17:58:13 +0200 |
User-agent: |
Mutt/1.5.6+20040907i |
On Wed, 24. Aug 2005, 12:15:52 +0200, Simon Josefsson wrote:
> Good idea, I added:
>
> * Note that some commonly used X.509 Certificate Authorities are
> * still using Version 1 certificates. If you want to accept them,
> * you need to call gnutls_certificate_set_verify_flags() with, e.g.,
> * %GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT parameter.
What is the reason why Version 1 certificates are not accepted by
default? Is it safe to always set the GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT
flag?
Martin
- [Help-gnutls] CA cert verification, Daniel Stenberg, 2005/08/22
- Re: [Help-gnutls] CA cert verification, Nikos Mavrogiannopoulos, 2005/08/23
- Re: [Help-gnutls] CA cert verification, Daniel Stenberg, 2005/08/23
- Re: [Help-gnutls] CA cert verification, Daniel Stenberg, 2005/08/23
- [Help-gnutls] Re: CA cert verification, Simon Josefsson, 2005/08/23
- [Help-gnutls] Re: CA cert verification, Daniel Stenberg, 2005/08/23
- [Help-gnutls] Re: CA cert verification, Daniel Stenberg, 2005/08/24
- [Help-gnutls] Re: CA cert verification, Simon Josefsson, 2005/08/24
- Re: [Help-gnutls] Re: CA cert verification,
Martin Lambers <=
- Re: [Help-gnutls] Re: CA cert verification, Nikos Mavrogiannopoulos, 2005/08/24
- Re: [Help-gnutls] Re: CA cert verification, Nikos Mavrogiannopoulos, 2005/08/24
- [Help-gnutls] Re: CA cert verification, Simon Josefsson, 2005/08/25