Fwd: Re: [oss-security] CVE Request: evolution-data-server lacks SSL checking in its libsoup users

[Nikos Mavrogiannopoulos]

On Tue, May 8, 2012 at 2:46 PM, Ludwig Nussel <ludwig.nussel at suse.de> wrote:

[...]
> It supports similar trust settings like NSS though. Check the -addtrust
> parameter of "openssl x509".

Are you sure that addtrust doesn't just consult the object identifiers
present in the certificate?