[gnutls-devel] GnuTLS | Gnutls accepts a certificate with invalid Subject Public Key Info (#873)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Sat Dec 14 14:26:52 CET 2019




llqll commented:


What I want to express is what you understand. I hope that gnutls during verification checks also whether the public key on the end certificate makes sense. If not checked, gnutls will accept certificates that do not conform to the public key syntax. In addition, some ssl implementations (openssl, mbedtls and wolfssl) have checked these.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/873#note_260358768
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20191214/1bdaf2e2/attachment.html>


More information about the Gnutls-devel mailing list