On Thu 2008-11-06 07:38:28 -0500, Scott Schaeffner wrote: > gnupgp contains a parameter to determine which of these two certificate > validation models (shell or chain - --validation-model) shall be used > (http://gnupg.org/documentation/manuals/gnupg/Certificate-Options.html).
To be clear, this gpg documentation is in the "GPGSM Options" section, so it refers to the X.509 certificates, not OpenPGP certificates, correct? > I was looking into the gnutls manual and did not find a statement > concerning the validation model that is being used. I don't see any clear notes on the page you linked explaining specifically what "shell" and "chain" mean in this context. However, GnuTLS has several functions that can be used for X.509 certificate validation: http://www.gnu.org/software/gnutls/manual/html_node/Verifying-X_002e509-certificate-paths.html http://www.gnu.org/software/gnutls/manual/html_node/X_002e509-certificate-functions.html You should be able to use those functions to build a certificate validation that meets your specific needs. What are you trying to do? --dkg
pgpoAzpInhGnN.pgp
Description: PGP signature
_______________________________________________ Help-gnutls mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-gnutls
