gnutls-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[sr #107648] Misleading documentation for GNUTLS_VERIFY_ALLOW_X509_V1_CA

From: Christopher Head
Subject: [sr #107648] Misleading documentation for GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT
Date: Tue, 05 Apr 2011 01:52:45 +0000
User-agent: Opera/9.80 (X11; Linux x86_64; U; en) Presto/2.7.62 Version/11.01 
URL:
  <http://savannah.gnu.org/support/?107648>

                 Summary: Misleading documentation for
GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT
                 Project: GnuTLS
            Submitted by: hawk777
            Submitted on: Tue 05 Apr 2011 01:52:44 AM GMT
                Category: None
                Priority: 5 - Normal
                Severity: 2 - Minor
                  Status: None
                 Privacy: Public
             Assigned to: None
        Originator Email: 
             Open/Closed: Open
         Discussion Lock: Any
        Operating System: None

    _______________________________________________________

Details:

The GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT option has as its first documentation
sentence "Allow only trusted CA certificates that have version 1.".

This is misleading. The first time I read it, I thought it meant it would
reject V3 CA certificates, allowing only V1 CA certificates! It might read
better as "Allow only trusted CA certificates *to be* version 1."




    _______________________________________________________

Reply to this item at:

  <http://savannah.gnu.org/support/?107648>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.gnu.org/
reply via email to
[Prev in Thread] Current Thread [Next in Thread]