Verifying server certificate failed?!

[Nikos Mavrogiannopoulos]

On 03/15/2012 04:19 PM, Sven Geggus wrote:

> So I definitely think gnutls should be more tolerant about

> certificates which are not in use but provided anyway.


I don't think this is a good idea. The protocol exactly specifies which
certificates should be present. It does not allow any kind of additional
information to be present so by providing it you violate the protocol.

On the practical side, a simpler parser allows for simpler code and
thus less bugs.

regards,
Nikos