On 10/25/2013 04:43 PM, Tobias Gruetzmacher wrote:
> Hi,
>
> while working with a self-signed certificate I got from a client, I
> noticed, certtool will spit out:
>
> Signature Algorithm: unknown
> warning: signed using a broken signature algorithm that can be forged.
>
> while OpenSSL detects this correctly as:
>
> Signature Algorithm: sha1WithRSA
>
> When I activate debugging I get this additional message:
>
> |<2>| Unknown SIGN OID: '1.3.14.3.2.29'
>
> Would it be possible for GnuTLS to detect this correctly?

Interesting. The usual OID to use in a certificate is 2.5.8.1.1. However, we already have some fallback when some strange OIDs are encountered. I'll also add your OID to the list. Could you send me the certificate to test that it is recognized?

regards,
Nikos
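
The OID fallback discussed in this thread, sketched as an added example (not code from the messages above and not GnuTLS's own implementation): it decodes the content bytes of a DER OBJECT IDENTIFIER and looks the result up in a table where the legacy OID 1.3.14.3.2.29 sits next to the PKCS #1 ones. The function names `oid_to_dotted` and `sig_oid_name`, the table, its labels and the sample bytes are assumptions made for this example.

```c
#include <stdio.h>
#include <string.h>

/* Decode DER OBJECT IDENTIFIER content bytes (tag and length already removed)
 * into dotted text. Returns 0, or -1 on malformed input or a short buffer. */
int oid_to_dotted(const unsigned char *der, size_t len, char *out, size_t outsz)
{
    unsigned long arc = 0;
    size_t used = 0;
    int first = 1, n;
    if (len == 0 || (der[len - 1] & 0x80)) return -1;  /* empty or truncated */
    for (size_t i = 0; i < len; i++) {
        if (arc == 0 && der[i] == 0x80) return -1;     /* zero-padded arc */
        if (arc >> (sizeof arc * 8 - 7)) return -1;    /* arc would overflow */
        arc = (arc << 7) | (der[i] & 0x7f);
        if (der[i] & 0x80) continue;                   /* arc continues */
        unsigned long x = arc < 80 ? arc / 40 : 2;     /* first arc packs 40*X+Y */
        n = first ? snprintf(out + used, outsz - used, "%lu.%lu", x, arc - 40 * x)
                  : snprintf(out + used, outsz - used, ".%lu", arc);
        if (n < 0 || (size_t)n >= outsz - used) return -1;
        used += (size_t)n;
        first = 0;
        arc = 0;
    }
    return 0;
}

/* Constructed table, labels are this example's own; both SHA-1 OIDs share one. */
static const struct { const char *oid, *name; } sig_algs[] = {
    { "1.2.840.113549.1.1.5",  "RSA-SHA1" },    /* PKCS #1 sha1WithRSAEncryption */
    { "1.2.840.113549.1.1.11", "RSA-SHA256" },  /* PKCS #1 sha256WithRSAEncryption */
    { "1.3.14.3.2.29",         "RSA-SHA1" },    /* legacy OID from this thread */
};

/* Returns the label, or NULL when the OID is malformed or not in the table. */
const char *sig_oid_name(const unsigned char *der, size_t len)
{
    char dotted[128];
    if (oid_to_dotted(der, len, dotted, sizeof dotted) != 0) return NULL;
    for (size_t i = 0; i < sizeof sig_algs / sizeof sig_algs[0]; i++)
        if (strcmp(dotted, sig_algs[i].oid) == 0) return sig_algs[i].name;
    return NULL;
}

int main(void)
{
    const unsigned char legacy[] = { 0x2b, 0x0e, 0x03, 0x02, 0x1d }; /* constructed */
    const char *name = sig_oid_name(legacy, sizeof legacy);
    return puts(name ? name : "unknown") < 0;
}
```

A NULL return is the "unknown" case from the original report: the caller should report the OID and decline to verify the signature instead of guessing an algorithm.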
