[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH RFC] GnuTLS: Support TOFU certificate checking.

From: Lars Magne Ingebrigtsen
Subject: Re: [PATCH RFC] GnuTLS: Support TOFU certificate checking.
Date: Wed, 08 Oct 2014 15:06:52 +0200
User-agent: Gnus/5.130012 (Ma Gnus v0.12) Emacs/24.4.50 (gnu/linux)

Eli Zaretskii <address@hidden> writes:

> How can it return a valid descriptor without all the validations it
> does before that, which (AFAIU) you want to delegate to Lisp now?

It would validate the certificate, but never drop the connection even if
the certificate is invalid.  It would be up to `open-network-stream' to
close the connection if the user decides to not accept the invalid (or
self-signed) certificate.

(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no

reply via email to

[Prev in Thread] Current Thread [Next in Thread]