deprecating MD5 in signature verification for gnutls-{cli, serv}

Daniel Kahn Gillmor dkg at fifthhorseman.net
Tue Jan 6 17:47:33 CET 2009


On 01/06/2009 11:33 AM, Nikos Mavrogiannopoulos wrote:
>> Currently our documentation doesn't match
>> our implementation there.
> 
> In what sense?

I just meant that our documentation (NEWS) claims that certificate
validations that rely on MD2 and MD5 will fail unless a given flag is
set, but they currently don't do this.

	--dkg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 890 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20090106/33ad10fc/attachment.pgp>


More information about the Gnutls-devel mailing list