On Wed, 24. Aug 2005, 12:15:52 +0200, Simon Josefsson wrote: > Good idea, I added: > > * Note that some commonly used X.509 Certificate Authorities are > * still using Version 1 certificates. If you want to accept them, > * you need to call gnutls_certificate_set_verify_flags() with, e.g., > * %GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT parameter.
What is the reason why Version 1 certificates are not accepted by default? Is it safe to always set the GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT flag? Martin _______________________________________________ Help-gnutls mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-gnutls
