[gnutls-devel] GnuTLS | Name Constraints applied to intermediate CA CN because CA certificate does not have Extended key usage (2.5.29.37) (#776)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Thu Jul 18 04:06:31 CEST 2019
Luiz Angelo Daros de Luca commented on a discussion: https://gitlab.com/gnutls/gnutls/issues/776#note_193055184
Yes, that is the one issue.
Second, I'm not sure if the verify_crt() assumptions if one use it validating an CA certificate, not a server one. Is it meant to be used for that too?
And also, as you mentioned, gnutls missing directory validation. Adding that will require some change in the verify_crt() function logic. Does this more a feature request than a bug.
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/776#note_193055184
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20190718/7e8e66f9/attachment.html>
More information about the Gnutls-devel
mailing list