[gnutls-devel] GnuTLS | Check key purpose on gnutls_certificate_verify_peers3/2 (#808)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Fri Jul 26 09:15:16 CEST 2019



Nikos Mavrogiannopoulos created an issue:


  Currently we don't verify that the purpose of the peer's certificate (server or client), matches the expected one, unless the application explicitly requests that. However there is no reason not to check the key purpose automatically, and the calling function has the entity (server or client) available to it. As this may be seen as breaking existing expectations, thus should go into a minor release update.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/808
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20190726/a39ddae4/attachment.html>


More information about the Gnutls-devel mailing list