[Help-gnutls] Certificate verification when using OpenPGP certificates
Matthias Wimmer
m at tthias.eu
Wed Mar 14 20:28:17 CET 2007
Hi!
Is there any example or documentation how to do certificate
verification, if the peer used an OpenPGP key to authenticate? The
OpenPGP example distributed with GnuTLS (ex-serv-pgp.c) does not do any
verification.
I guess that I have to use gnutls_certificate_verify_peers2() first and
if that succeeds, all that is left to do is to check if the OpenPGP key
contains one ID that matches what I expect the peer to be.
Do I have to check anything else? E.g. expiration of the key (as I would
have to do with X.509 certificates, but there does not seem to be a
function for that) or the self signature of the key (I'd expect that
this might already been done by gnutls_certificate_verify_peers2())?
Matthias
More information about the Gnutls-help
mailing list