[gnutls-devel] GnuTLS | RFC 5280 compliance: GnuTLS accepts CRL files with duplicate revoked entries or duplicate certificate serial numbers. (#1704)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Sun Apr 20 13:31:00 CEST 2025
One happy person created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1704
## Description of problem:
Hello developer, I successfully parsed a CRL file with duplicate revocation entries or duplicate serial numbers using GnuTLS.
## Version of gnutls used:
GnuTLS 3.8.9
## Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL)
Ubuntu
## How reproducible:
certtool --crl-info --inder --infile crl_revoked_dublicate.der
certtool --crl-info --inder --infile crl_revoked_dublicate_serial.der
## Actual results:
GnuTLS successfully parsed all the revoked entries from this CRL file.
## Expected results:
[crl_revoked_dublicate.der](/uploads/b62c62dec541b9efe3523d7f38cbc825/crl_revoked_dublicate.der)
[crl_revoked_dublicate_serial.der](/uploads/c4766ece3d25f4bc8c5a84458463f71a/crl_revoked_dublicate_serial.der)
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1704
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250420/2d97b967/attachment.html>
More information about the Gnutls-devel
mailing list