[Help-gnutls] Certificate verification when using OpenPGP certificates

Matthias Wimmer m at tthias.eu
Wed Mar 14 20:26:02 CET 2007


Is there any example or documentation how to do certificate 
verification, if the peer used an OpenPGP key to authenticate? The 
OpenPGP example distributed with GnuTLS (ex-serv-pgp.c) does not do any 

I guess that I have to use gnutls_certificate_verify_peers2() first and 
if that succeeds, all that is left to do is to check if the OpenPGP key 
contains one ID that matches what I expect the peer to be.
Do I have to check anything else? E.g. expiration of the key (as I would 
have to do with X.509 certificates, but there does not seem to be a 
function for that) or the self signature of the key (I'd expect that 
this might already been done by gnutls_certificate_verify_peers2())?


More information about the Gnutls-help mailing list