[gnutls-devel] GnuTLS | Check key purpose on gnutls_certificate_verify_peers3/2 (#808)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Mon Jul 29 10:04:10 CEST 2019
Nikos Mavrogiannopoulos commented:
They key purpose referenced above is:
```
id-kp-serverAuth OBJECT IDENTIFIER ::= { id-kp 1 }
-- TLS WWW server authentication
-- Key usage bits that may be consistent: digitalSignature,
-- keyEncipherment or keyAgreement
id-kp-clientAuth OBJECT IDENTIFIER ::= { id-kp 2 }
-- TLS WWW client authentication
-- Key usage bits that may be consistent: digitalSignature
-- and/or keyAgreement
```
Note that I may be mistaken on that request since this is specific about `WWW` client and server auth, and not general authentication.
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/808#note_196920887
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20190729/f8292ce4/attachment.html>
More information about the Gnutls-devel
mailing list