On 07/24/2010 03:06 AM, Mads Kiilerich wrote: >>> I can see that you added PK_X509_RSA_OID since 2.10.0. Could this >>> perhaps be added too? >>> There is also anecdotical evidence that SIG_RSA_SHA1_OID needs the same >>> treatment. I haven't seen that, but getting both fixed at once could be >>> great. >> I've added them to the 2.10.x branch. I've not added the SHA1_OID but if >> you have some certificates using it, I'll add it. Clearly this OID >> shouldn't have been there! > > Thanks! > > The anecdote of the need for SIG_RSA_SHA1_OID could be tracked down to > the comments on > http://sourceforge.net/tracker/index.php?func=detail&aid=1744033&group_id=24366&atid=381349 > . But the BER encoded certificate on > https://developer.mozilla.org/en/Introduction_to_Public-Key_Cryptography#A_Typical_Certificate > (which despite the text _not_ is what is displayed) also uses > tbsCertificate.subjectPublicKeyInfo.algorithm=sha1WithRSAEncryption. > Please consider adding support for that too. I've added that too.
> If you are going to make a release from gnutls_2_10_x then I hope you > will include "Correctly deinitialize crypto API handles." as well. The fix is already there so it will be included. > However, according to NEWS you have released 2.11.0 already - but it is > not on ftp://ftp.gnu.org/pub/gnu/gnutls/ ? It is development release so it is available on alpha.gnu.org (not yet) and ftp.gnutls.org/pub/gnutls/devel only. regards, Nikos _______________________________________________ Help-gnutls mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-gnutls
