regarding pidgin's support for NSS

Kai Engert kaie at
Tue Sep 16 16:13:54 EDT 2014

On Tue, 2014-09-16 at 13:07 -0700, David Woodhouse wrote:
> On Tue, 2014-09-16 at 21:54 +0200, Kai Engert wrote:
> > 
> > If you go to GnuTLS, you will suffer pain during future phasing out of
> > old, weak, no longer supported CA certificates, by experiencing failure
> > in connectivity. Or unless GnuTLS gets fixed, which I have no idea
> > whether that will happen.
> Can you give me a reference to the bug filed against GnuTLS please?
> A bug in Red Hat bugzilla would be fine. 

I think there is no bug yet.
Nikos mentioned to me, he believes that GnuTLS is behaving as intended,
because the specs say to follow what the server sends.

So, if you want this to change, someone will have to file a bug against
GnuTLS, requesting to implement more flexible certificate path building.


More information about the Devel mailing list