regarding pidgin's support for NSS
David Woodhouse
dwmw2 at infradead.org
Tue Sep 16 16:26:17 EDT 2014
On Tue, 2014-09-16 at 22:13 +0200, Kai Engert wrote:
> I think there is no bug yet.
> Nikos mentioned to me, he believes that GnuTLS is behaving as intended,
> because the specs say to follow what the server sends.
I'd have to read the spec and look at a specific example when I'm not
sitting in a meeting, but at first glance it seems that would imply that
the NSS behaviour is actually a security flaw, accepting certificates
which the spec says it should reject.
--
dwmw2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5745 bytes
Desc: not available
URL: <https://pidgin.im/pipermail/devel/attachments/20140916/83af2adf/attachment.bin>
More information about the Devel
mailing list