Nikos Mavrogiannopoulos <[EMAIL PROTECTED]> writes:

>> I think we should disable both MD2 and MD5, and introduce an API to
>> modify gnutls_certificate_verify_peers2, a'la
>> gnutls_enable_insecure_algorithm (&session, GNUTLS_SIGN_RSA_MD2)
>
> This will not be necessary if we introduce the flags below. verify_peers2
> will use the flags from gnutls_certificate_set_verify_flags().

Ah, right, I forgot about that interface. Nice.

>> and a new gnutls_certificate_verify_flags enumeration type, for
>> gnutls_x509_crt_verify calls, e.g.:
>>
>> GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2
>> GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5
>
> Yes it is indeed a very nice idea. Security must be an issue in the library.

Right.

I think the defaults should be slightly conservative. Given that MD2 is
broken, and there is even information on how to produce certificates with
colliding signatures for MD5, I think we are way past the point of being
slightly conservative in disabling them. But we should have a way to
re-enable them, first, to allow for interoperability.

I'll take a stab at fixing this later today...

Thanks,
Simon

_______________________________________________
Help-gnutls mailing list
[email protected]
http://lists.gnu.org/mailman/listinfo/help-gnutls
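The policy discussed in this thread (reject MD2/MD5-signed certificates by default, with per-algorithm "allow" flags an application can opt into for interoperability) can be illustrated without linking against GnuTLS. The following is an added example, not code from the thread or from the GnuTLS project: it walks the outer DER structure of an X.509 certificate (SEQUENCE { tbsCertificate, signatureAlgorithm, signatureValue }) far enough to read the signatureAlgorithm OID, then applies a flag mask modelled on the proposed GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2 / GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5 enumeration. The flag names VERIFY_ALLOW_SIGN_RSA_MD2 / VERIFY_ALLOW_SIGN_RSA_MD5, the function names, and the sample "certificate" bytes are all assumptions made for this example; the sample is a constructed minimal DER skeleton, not a real certificate.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical flags mirroring the enumeration proposed in the thread (assumption:
 * names and bit values chosen for this example, not GnuTLS's own). */
enum {
    VERIFY_ALLOW_SIGN_RSA_MD2 = 1u << 0,
    VERIFY_ALLOW_SIGN_RSA_MD5 = 1u << 1,
};

enum sig_alg { SIG_UNKNOWN = 0, SIG_RSA_MD2, SIG_RSA_MD5, SIG_RSA_SHA1, SIG_RSA_SHA256 };

/* Parse one DER tag/length header. Returns the header length (0 on error) and
 * writes the tag and content length; content is checked to fit in 'len'. */
static size_t der_header(const uint8_t *p, size_t len, uint8_t *tag, size_t *clen)
{
    if (len < 2) return 0;
    *tag = p[0];
    size_t hlen, v;
    if (p[1] < 0x80) {                      /* short form */
        v = p[1];
        hlen = 2;
    } else {                                /* long form: 0x8N followed by N bytes */
        size_t n = p[1] & 0x7f;
        if (n == 0 || n > sizeof(size_t) || len < 2 + n) return 0;
        v = 0;
        for (size_t i = 0; i < n; i++) v = (v << 8) | p[2 + i];
        hlen = 2 + n;
    }
    if (v > len - hlen) return 0;           /* content must not run past the buffer */
    *clen = v;
    return hlen;
}

/* Read the outer signatureAlgorithm OID of a DER-encoded certificate and map
 * the PKCS#1 OIDs 1.2.840.113549.1.1.{2,4,5,11} to an enum. */
enum sig_alg cert_signature_algorithm(const uint8_t *der, size_t len)
{
    uint8_t tag; size_t clen, h;
    static const uint8_t pkcs1_prefix[] = {0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01};

    h = der_header(der, len, &tag, &clen);            /* Certificate SEQUENCE */
    if (!h || tag != 0x30) return SIG_UNKNOWN;
    const uint8_t *p = der + h; size_t rem = clen;

    h = der_header(p, rem, &tag, &clen);              /* tbsCertificate: skip it */
    if (!h || tag != 0x30) return SIG_UNKNOWN;
    p += h + clen; rem -= h + clen;

    h = der_header(p, rem, &tag, &clen);              /* signatureAlgorithm SEQUENCE */
    if (!h || tag != 0x30) return SIG_UNKNOWN;
    p += h; rem = clen;

    h = der_header(p, rem, &tag, &clen);              /* algorithm OBJECT IDENTIFIER */
    if (!h || tag != 0x06) return SIG_UNKNOWN;
    const uint8_t *oid = p + h;
    if (clen != sizeof pkcs1_prefix + 1 ||
        memcmp(oid, pkcs1_prefix, sizeof pkcs1_prefix) != 0) return SIG_UNKNOWN;
    switch (oid[8]) {
    case 2:  return SIG_RSA_MD2;
    case 4:  return SIG_RSA_MD5;
    case 5:  return SIG_RSA_SHA1;
    case 11: return SIG_RSA_SHA256;
    default: return SIG_UNKNOWN;
    }
}

/* Default-deny policy: MD2/MD5 signatures are rejected unless the caller has
 * explicitly set the matching allow flag. Unknown algorithms are rejected too.
 * (SHA-1 is accepted here only because the thread is about MD2/MD5; a modern
 * deployment would gate it the same way.) Returns 1 = allowed, 0 = rejected. */
int signature_algorithm_allowed(const uint8_t *der, size_t len, unsigned flags)
{
    switch (cert_signature_algorithm(der, len)) {
    case SIG_RSA_MD2:    return (flags & VERIFY_ALLOW_SIGN_RSA_MD2) != 0;
    case SIG_RSA_MD5:    return (flags & VERIFY_ALLOW_SIGN_RSA_MD5) != 0;
    case SIG_RSA_SHA1:
    case SIG_RSA_SHA256: return 1;
    default:             return 0;
    }
}

/* Constructed sample: a minimal DER skeleton whose outer signatureAlgorithm is
 * 1.2.840.113549.1.1.<alg>. tbsCertificate and signatureValue are placeholders;
 * only the structure the parser walks is meaningful. Returns the byte count. */
size_t build_sample_cert(uint8_t alg, uint8_t *out)
{
    static const uint8_t tmpl[] = {
        0x30, 0x18,
          0x30, 0x03, 0x02, 0x01, 0x02,                          /* tbsCertificate placeholder */
          0x30, 0x0d, 0x06, 0x09, 0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01, 0x00, 0x05,0x00,
          0x03, 0x02, 0x00, 0xff                                 /* signatureValue placeholder */
    };
    memcpy(out, tmpl, sizeof tmpl);
    out[19] = alg;                          /* last OID arc selects the hash */
    return sizeof tmpl;
}

/* Convenience wrappers so the policy can be exercised on the sample directly. */
enum sig_alg sample_algorithm(uint8_t alg)
{
    uint8_t c[32]; size_t n = build_sample_cert(alg, c);
    return cert_signature_algorithm(c, n);
}

int check_sample(uint8_t alg, unsigned flags)
{
    uint8_t c[32]; size_t n = build_sample_cert(alg, c);
    return signature_algorithm_allowed(c, n, flags);
}

int main(void)
{
    printf("md5, default flags:   %s\n", check_sample(4, 0) ? "allowed" : "rejected");
    printf("md5, ALLOW_RSA_MD5:   %s\n", check_sample(4, VERIFY_ALLOW_SIGN_RSA_MD5) ? "allowed" : "rejected");
    printf("md2, ALLOW_RSA_MD5:   %s\n", check_sample(2, VERIFY_ALLOW_SIGN_RSA_MD5) ? "allowed" : "rejected");
    printf("sha256, default:      %s\n", check_sample(11, 0) ? "allowed" : "rejected");
    return 0;
}
```

The point of the flag design is that the insecure path is opt-in and per-algorithm: allowing MD5 for one legacy peer does not silently re-enable MD2, and an OID the policy does not recognise fails closed rather than open. In GnuTLS the corresponding knob is the verify-flags interface named in the thread (gnutls_certificate_set_verify_flags() with the GNUTLS_VERIFY_ALLOW_SIGN_RSA_* flags); this example only models the decision it makes.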
