[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: GnuTLS 2.3.14 - third release candidate for 2.4.0

From: Simon Josefsson
Subject: Re: GnuTLS 2.3.14 - third release candidate for 2.4.0
Date: Sun, 15 Jun 2008 23:03:27 +0200
User-agent: Gnus/5.110011 (No Gnus v0.11) Emacs/22.2 (gnu/linux)

Daniel Kahn Gillmor <address@hidden> writes:

> On Tue 2008-06-10 18:23:01 -0400, Simon Josefsson wrote:
>> * Version 2.3.14 (released 2008-06-11)
>> ** libgnutls [OpenPGP]: Changed OpenPGP verification behaviour.
>> An OpenPGP certificate is now only considered verified if all the user
>> IDs are verified.
> I've tested this change against Andreas Metzler's debian packaging of
> 2.3.14, and it looks correct.  A single unverifiable User ID on the
> certificate causes verification failure.  This "fail closed" behavior
> is significantly better than the earlier "fail open" behavior.
> Thanks!
> Hopefully for gnutls 2.6 we can cook up more nuanced OpenPGP
> certificate verification, where irrelevant unverified UserIDs don't
> cause a failure.
> Thanks for all the work on this,

Great.  Thanks for confirming the status.  I think we are ready for
2.4.0, but I'll do another release candidate now to make sure.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]