[gnutls-devel] GnuTLS | WIP: RFC7250 Raw public keys (!650)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Mon Sep 17 10:50:59 CEST 2018


Nikos Mavrogiannopoulos commented on a discussion on doc/cha-gtls-app.texi:

>  (i.e. different for the client than for the server).
>  
>  Currently supported types are:
> -CTYPE-X509 or CTYPE-X.509. Catch all is CTYPE-ALL.
> +CTYPE-X509 or CTYPE-X.509, CTYPE-RAWPK or CTYPE-RAWPUBKEY. Catch all is CTYPE-ALL.

What is my concern is that as an application developer I usually want to give control to the user to access the priority string in order to change the acceptable ciphers. However, about certificate types, I cannot really write code which will work with any certificate type available, and thus I do not want to give the user control to change them arbitrarily. The PGP experiment was a bad one as it introduced complexity in the 99% of applications which didn't use PGP, that's why I'm for something different/separate now.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/650#note_101762791
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20180917/9a46f087/attachment.html>


More information about the Gnutls-devel mailing list