[gnutls-devel] GnuTLS | Gnutls accepts a certificate with invalid Subject Public Key Info (#873)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Sat Dec 14 10:00:21 CET 2019

Nikos Mavrogiannopoulos commented:

Well I am not sure I understand the issue. The certificate verification process verifies whether the signatures on the certificate are correct. You however expect that gnutls during verification checks also whether the public key on the end certificate makes sense. I am not sure that's a reasonable expectation. Or did I miss the point?

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/873#note_260333895
You're receiving this email because of your account on gitlab.com.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20191214/6f6f9a21/attachment.html>

More information about the Gnutls-devel mailing list