regarding pidgin's support for NSS
Kai Engert
kaie at kuix.de
Tue Sep 16 16:13:54 EDT 2014
On Tue, 2014-09-16 at 13:07 -0700, David Woodhouse wrote:
> On Tue, 2014-09-16 at 21:54 +0200, Kai Engert wrote:
> >
> > If you go to GnuTLS, you will suffer pain during future phasing out of
> > old, weak, no longer supported CA certificates, by experiencing failure
> > in connectivity. Or unless GnuTLS gets fixed, which I have no idea
> > whether that will happen.
>
> Can you give me a reference to the bug filed against GnuTLS please?
> A bug in Red Hat bugzilla would be fine.
I think there is no bug yet.
Nikos mentioned to me, he believes that GnuTLS is behaving as intended,
because the specs say to follow what the server sends.
So, if you want this to change, someone will have to file a bug against
GnuTLS, requesting to implement more flexible certificate path building.
Kai
More information about the Devel
mailing list