regarding pidgin's support for NSS

David Woodhouse dwmw2 at
Tue Sep 16 16:26:17 EDT 2014

On Tue, 2014-09-16 at 22:13 +0200, Kai Engert wrote:
> I think there is no bug yet.
> Nikos mentioned to me, he believes that GnuTLS is behaving as intended,
> because the specs say to follow what the server sends.

I'd have to read the spec and look at a specific example when I'm not
sitting in a meeting, but at first glance it seems that would imply that
the NSS behaviour is actually a security flaw, accepting certificates
which the spec says it should reject.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5745 bytes
Desc: not available
URL: <>

More information about the Devel mailing list