[gnutls-devel] Support for OCSP Must-staple ?
Nikos Mavrogiannopoulos
nmav at gnutls.org
Wed Jun 1 16:24:13 CEST 2016
On Mon, May 23, 2016 at 11:50 PM, Tim Kosse
<tim.kosse at filezilla-project.org> wrote:
> If I remember correctly, the following things are still missing:
> - More unit tests
> - Copying of the feature extension data from CRQs into the generated
> certificates
Hi,
That was already handled (but needed the honor_crq_extensions
template directive). I've included this as a functionality check in
cert-tests/tlsfeature-test.
> - Dealing with certificate chains as described in section 4.2.2 of RFC7633
This should now be complete.
https://gitlab.com/gnutls/gnutls/merge_requests/11
I've created it as a merge request, since it touches the verification
boundary which is quite sensitive. If you (or anyone else) would like
to review it, I'd appreciate it. The most concerning commits are
132d3f84 and 39c1239c .
regards,
Nikos
More information about the Gnutls-devel
mailing list