[gnutls-devel] GnuTLS | Name Constraints applied to intermediate CA CN because CA certificate does not have Extended key usage (18.104.22.168) (#776)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Thu Jul 18 04:06:31 CEST 2019
Luiz Angelo Daros de Luca commented on a discussion: https://gitlab.com/gnutls/gnutls/issues/776#note_193055184
Yes, that is the one issue.
Second, I'm not sure if the verify_crt() assumptions if one use it validating an CA certificate, not a server one. Is it meant to be used for that too?
And also, as you mentioned, gnutls missing directory validation. Adding that will require some change in the verify_crt() function logic. Does this more a feature request than a bug.
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/776#note_193055184
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Gnutls-devel