x509 v1 certificate

ARIGA Seiji ariga at os.rim.or.jp
Sat Sep 30 04:11:36 CEST 2006


On Fri, 29 Sep 2006 18:18:30 +0200,
Werner Koch <wk at gnupg.org> wrote,

> > ----
> > gpgsm: error getting key usage information: No value
> > gpgsm: invalid certification chain: No value
> > ----
> 
> Sure, that you added the "relax" flag to the appropriate line of the
> trustlist.txt and also updated the gpg-agent.?

do you mean that is expected ? i thought you've changed gpgsm to allow
us to use/validate old VeriSign cert (v1 certs).

# but as i showed, "--verify" still failed.

without "relax", i only got this.

----
gpgsm: invalid certification chain: No value
----

i think certlist.c:cert_usage_p() returns message
above ("... key usage ...").

# this is called by certchain.c:gpgsm_cert_use_cert_p()
# (which looks irrelevant to "relax" flag).

// ARIGA Seiji



More information about the Gnupg-devel mailing list