GnuTLS 2.3.12 - second release candidate for 2.4.0

Nikos Mavrogiannopoulos n.mavrogiannopoulos at
Mon Jun 9 14:01:17 CEST 2008

On Mon, Jun 9, 2008 at 12:57 AM, Daniel Kahn Gillmor
< at> wrote:

> It's not clear to me if you mean that this should be resolved in
> 2.3.12, or after 2.3.12, Nikos.  It looks to me like it has *not* been
> resolved in 2.3.12 yet.  In particular, it appears to fail open: when
> one userid is verified, it treats them all as verified, even User IDs
> that have no certifications other than self-signatures.

> When i run the tests from
> against the 2.3.12 packages in debian experimental, i get the
> following output:

Hello Daniel!
 I was talking about a recent commit in the git repository. I've also
modified your tests to check the gnutls behaviour (as it is now both
of your tests should fail). The new behaviour is to consider not
verified all openpgp keys that have at least one unsigned by a trusted
party user id.


More information about the Gnutls-devel mailing list