[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: deprecating MD5 in signature verification for gnutls-{cli, serv}
From: |
Simon Josefsson |
Subject: |
Re: deprecating MD5 in signature verification for gnutls-{cli, serv} |
Date: |
Tue, 06 Jan 2009 22:50:56 +0100 |
User-agent: |
Gnus/5.110011 (No Gnus v0.11) Emacs/22.2 (gnu/linux) |
Nikos Mavrogiannopoulos <address@hidden> writes:
> Daniel Kahn Gillmor wrote:
>> On 01/06/2009 03:40 AM, Nikos Mavrogiannopoulos wrote:
>>> Looks like the correct thing to do. Apply it!
>
>> OK, it's applied to the git head. Is this something that should be
>> backported to the 2.6 branch?
>
> Since it is a bugfix i think it qualifies for backporting, but Simon
> should have the last word on that.
I agree, Daniel please backport it. Please also add NEWS items for the
change.
To avoid regressions, I'm adding the chain to the self-tests. It would
be useful if we had a more comprehensive self-test suite for X.509
chaining, given the three latest problems it seems this is an
under-tested area. There is the PKITS stuff, but its license is
unclear...
/Simon
- Re: deprecating MD5 in signature verification for gnutls-{cli, serv}, (continued)
- Re: deprecating MD5 in signature verification for gnutls-{cli, serv}, Tomas Mraz, 2009/01/05
- Re: deprecating MD5 in signature verification for gnutls-{cli, serv}, Tomas Mraz, 2009/01/05
- Re: deprecating MD5 in signature verification for gnutls-{cli, serv}, Daniel Kahn Gillmor, 2009/01/05
- Re: deprecating MD5 in signature verification for gnutls-{cli, serv}, Daniel Kahn Gillmor, 2009/01/06
- Re: deprecating MD5 in signature verification for gnutls-{cli, serv}, Daniel Kahn Gillmor, 2009/01/06
- Re: deprecating MD5 in signature verification for gnutls-{cli, serv}, Nikos Mavrogiannopoulos, 2009/01/06
- Re: deprecating MD5 in signature verification for gnutls-{cli, serv}, Daniel Kahn Gillmor, 2009/01/06
- Re: deprecating MD5 in signature verification for gnutls-{cli, serv}, Nikos Mavrogiannopoulos, 2009/01/06
- Re: deprecating MD5 in signature verification for gnutls-{cli, serv}, Daniel Kahn Gillmor, 2009/01/06
- Re: deprecating MD5 in signature verification for gnutls-{cli, serv},
Simon Josefsson <=
- Re: deprecating MD5 in signature verification for gnutls-{cli, serv}, Daniel Kahn Gillmor, 2009/01/06
- Re: deprecating MD5 in signature verification for gnutls-{cli, serv}, Simon Josefsson, 2009/01/07
- Re: deprecating MD5 in signature verification for gnutls-{cli, serv}, Simon Josefsson, 2009/01/06