[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Verifying server certificate failed?!
|
From: |
Nikos Mavrogiannopoulos |
|
Subject: |
Re: Verifying server certificate failed?! |
|
Date: |
Thu, 15 Mar 2012 19:05:40 +0100 |
|
User-agent: |
Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.24) Gecko/20111114 Icedove/3.1.16 |
On 03/15/2012 04:19 PM, Sven Geggus wrote:
> So I definitely think gnutls should be more tolerant about
> certificates which are not in use but provided anyway.
I don't think this is a good idea. The protocol exactly specifies which
certificates should be present. It does not allow any kind of additional
information to be present so by providing it you violate the protocol.
On the practical side, a simpler parser allows for simpler code and
thus less bugs.
regards,
Nikos