[gnutls-devel] GnuTLS | certtool: --verify-profile option does not override system-wide priority configuration (#1772)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Tue Dec 9 14:37:26 CET 2025
Alexander Sosedkin commented: https://gitlab.com/gnutls/gnutls/-/issues/1772#note_2942230541
While I'm certainly of an opinion that at least the allowlisting mode of configuration should treat the config values as defaults overrideable with CLI switches / priority strings / etc, I'm having my doubts about the older, default config mode where the values have been treated as hard limits. It could be that we might need differing semantics for differing modes.
Oh yeah, and this is a behaviour change, so it might have to go into an appropriately disruptive release.
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1772#note_2942230541
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20251209/4be2c55b/attachment-0001.html>
More information about the Gnutls-devel
mailing list