issues with OpenPGP certificate verification

Daniel Kahn Gillmor at
Mon Apr 21 17:30:57 CEST 2008

Hey Folks--

I just opened a couple tickets concerning what appear to be serious
problems with GnuTLS's OpenPGP certificate verification:

 * gnutls-cli continues connection when certificate User ID does not
   match hostname (even without --insecure):

   This is equivalent to accepting a valid TLS certificate from even though the connection was made to

 * gnutls will accept an unsigned UserID as a hostname match as long
   as some signed UserID exists:

   This appears to be a problem with the way that the library offers
   information about the UserIDs in the OpenPGP certificates.  Since
   each UserID in an OpenPGP cert can be signed by 0 or more keys
   (other than the primary key), there needs to be a way to check the
   validity of specific UserIDs, not just the certificate as a whole.

As usual, if you want more details, just post to the tickets, and i'll
provide whatever help i can.

I'm excited to see the library offering OpenPGP features for TLS, but
these problems are significant security concerns.  i want to make sure
that the first major implementation of this extension is secure!

Thanks for all the work on this,
