help-gnutls

Security implications of (not using) GNUTLS_VERIFY_DO_NOT_ALLOW_SAME


From: Lars Noschinski
Subject: Security implications of (not using) GNUTLS_VERIFY_DO_NOT_ALLOW_SAME
Date: Mon, 21 Jun 2010 10:58:38 +0200
User-agent: Mutt/1.5.20 (2009-06-14)

Hi,

I am wondering when the flag GNUTLS_VERIFY_DO_NOT_ALLOW_SAME should be
used. I've seen it in use in the Wocky library[0], which is used by the
instant messenger client empathy.

This flag seems to prevent connections to servers using certificates
from CAcert.org, as their root and class3 certificates[1] use MD5 and are
hence deemed insecure by gnutls; i.e.

    $ gnutls-cli jabberd.jabber.ccc.de --x509cafile /tmp/cacert.crt

succeeds (where cacert.crt is the concatenation of both the cacert.org
certificates), but if I patch gnutls-cli to set
GNUTLS_VERIFY_DO_NOT_ALLOW_SAME, it fails.

Now, this is probably intended behaviour for GnuTLS, but I wonder whether this
flag is a sensible choice for such a client application?

  -- Lars

[0] <http://git.collabora.co.uk/?p=wocky.git>, in particular
    <http://git.collabora.co.uk/?p=wocky.git;a=blob;f=wocky/wocky-tls.c;h=b7eeb52db85a33062c39e5629421549ef1c649ce;hb=HEAD>
[1] <http://www.cacert.org/index.php?id=3>


