[Help-gnutls] Re: Certificate verification failed

[Simon Josefsson]

Nikos Mavrogiannopoulos <address@hidden> writes:

> This cannot be solved. This certificate uses MD2 which is not included in 
> libgcrypt as yet. I don't know if there are plans to include it in the future 
> though.

We could add a MD2 implementation to gnulib, to make GnuTLS support
this when MD2 is not available through libgcrypt.  I'm working on this
now.

However, I am skeptical about supporting MD2, and even MD5, by
default.  I know GnuTLS certtool print a warning about MD5, but the
library does not, and most GnuTLS library users probably doesn't
either.

I think we should disable both MD2 and MD5, and introduce an API to
modify gnutls_certificate_verify_peers2, a'la

  gnutls_enable_insecure_algorithm (&session, GNUTLS_SIGN_RSA_MD2)

and a new gnutls_certificate_verify_flags enumeration type, for
gnutls_x509_crt_verify calls, e.g.:

  GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2
  GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5

All this for applications/users that want to sacrifice security for
interoperability.

What do you think?

Cheers,
Simon