On Thu, 4 Dec 2014, Ian Jackson wrote:

> Each time you generate an EE key which you intend to use this way,
[…]

This assumes you can control the server key/cert you want to trust.

> Daniel Kahn Gillmor writes ("Re: curl and certificate verification in jessie"):
> > So, the idea is that when you "accept" an EE cert, you need to do it
> > with an explicit associate to a specific peer's name, not just the cert

Hm, why would trusting an EE certificate invalidate the name checking?
I can see it only disabling the CA chain checking.

> How about the following change to GnuTLS: if _all_ of the supplied
> certificates are EE certificates (eg, have the critical CA constraint
> set to false), we disable this check ?

This sounds like it has lots of potential for people to accidentally
do that and not realise it. It also prohibits mixed setups (think,
almost-normal operation, you have a (possibly reduced) set of CAs you
want to trust, plus one or a couple of EE certificates, which are
special cases).

bye,
//mirabilos
-- 
Sometimes they [people] care too much: pretty printers [and syntax highligh-
ting, d.A.] mechanically produce pretty output that accentuates irrelevant
detail in the program, which is as sensible as putting all the prepositions
in English text in bold font.   -- Rob Pike in "Notes on Programming in C"

