[gnutls-devel] Support for OCSP Must-staple ?

Nikos Mavrogiannopoulos nmav at gnutls.org
Wed Jun 1 16:24:13 CEST 2016

On Mon, May 23, 2016 at 11:50 PM, Tim Kosse
<tim.kosse at filezilla-project.org> wrote:
> If I remember correctly, the following things are still missing:
> - More unit tests
> - Copying of the feature extension data from CRQs into the generated
> certificates

 That was already handled (but needed the honor_crq_extensions
template directive). I've included this as a functionality check in

> - Dealing with certificate chains as described in section 4.2.2 of RFC7633

This should now be complete.

I've created it as a merge request, since it touches the verification
boundary which is quite sensitive. If you (or anyone else) would like
to review it, I'd appreciate it. The most concerning  commits are
132d3f84 and 39c1239c .


More information about the Gnutls-devel mailing list