[Help-gnutls] 1.2.9 release candidate
Nikos Mavrogiannopoulos
nmav at gnutls.org
Tue Nov 1 11:56:32 CET 2005
On Tuesday 01 November 2005 10:01, Daniel Stenberg wrote:
> #ifdef GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2
> flags | = GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2;
> #endif
No you don't want to add this line. It is not needed to verify the certificate
in question (the one sent some days ago) since it was self signed with MD2,
and it is very dangerous to enable MD2 for any algorithm. If you insist into
adding it make it configurable by the user.
--
Nikos Mavrogiannopoulos
More information about the Gnutls-help
mailing list