[Pidgin] #9360: Invalid certificate authority signature
Pidgin
trac at pidgin.im
Wed Jul 22 03:34:23 EDT 2009
#9360: Invalid certificate authority signature
-------------------------+--------------------------------------------------
Reporter: MikeyCarter | Owner: darkrain42
Type: defect | Status: closed
Milestone: 2.6.0 | Component: libpurple
Version: 2.5.8 | Resolution: fixed
Keywords: SSL |
-------------------------+--------------------------------------------------
Changes (by darkrain42 at pidgin.im):
* status: new => closed
* resolution: => fixed
Comment:
(In [9fa808b57669d76c0989b16c2568cb7a7047511e]):[[BR]]
A better solution for verifying certificate chains with NSS 3.12.3.
Instead of allowing weak certificate algorithms all over the place,
which is what the NSS flag we are enabling, short-circuit a verification
a step early if the fingerprint of the last-checked certificate matches
its signer's certificate (retrieved from the trusted CA pool).
Closes #9360.
--
Ticket URL: <http://developer.pidgin.im/ticket/9360#comment:13>
Pidgin <http://pidgin.im>
Pidgin
More information about the Tracker
mailing list