gpgsm: Cert trouble GPG_ERR_NO_VALUE for GTE CyberTrust Global Root
Bernhard Reiter
bernhard at intevation.de
Mon Apr 6 09:58:14 CEST 2009
Am Freitag, 3. April 2009 16:17:18 schrieb Werner Koch:
> On Fri, 3 Apr 2009 15:43, bernhard at intevation.de said:
> > consistency checks" this would be very helpful. Then they could look up
> > the documentation which could potentially read like
> >
> > The CMS implementation does a number of basic consistency checks
> > before using a certificate. For 2.0.11 these checks for instance are
> > about a) certificate length > X years
>
> [...]
>
> Basically you want a complete description of every error case in GnuPG.
> That is not going to happenn given the sheer amount of checks we do.
First I want a useful overview message, that states that the problem actually
is within the internal certificate checks (and not with the chain or the CRLs
or so).
Having an idea which kind of stuff is checked is a potential other step.
> There is this --audit feature I am working on and if this certain error
> will occur more often, it makes sense to add specific support for this.
Given that I have it twice in real support cases, having a "bad" certificate
is a common case.
> FWIW, I started to write a list of error code usages in GnuPG et al.
> This will take quite some time to finish but eventualy if provide a
> useful cross reference.
Sounds useful!
Bernhard
--
Managing Director - Owner: www.intevation.net (Free Software Company)
Germany Coordinator: fsfeurope.org. Coordinator: www.Kolab-Konsortium.com.
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
More information about the Gnupg-devel
mailing list