Re: Improving X.509 certificate validation errors

2020-03-26 Thread Martin Ukrop
Hi Ben, Yes, a reply after a few weeks is still very useful, thanks! You are right about the point that every library has an "expired" code, though I start to see other differences. The number of errors itself differs wildly – OpenSSL has over 75 certificate-related errors, while GnuTLS has

Re: Improving X.509 certificate validation errors

2020-03-26 Thread Kurt Roeckx
On Wed, Mar 25, 2020 at 10:21:36PM -0700, Benjamin Kaduk wrote:
> I think it's an interesting idea. To me, perhaps the most valuable part
> would be to accumulate a corpus of certificates/chains that are malformed
> or fail to validate due to a wide variety of errors, almost akin to a
> fuzzing

Re: Improving X.509 certificate validation errors

2020-03-25 Thread Benjamin Kaduk
Hi Martin, Hopefully this response is still useful a few weeks later.
On Thu, Mar 05, 2020 at 04:10:10PM +0100, Martin Ukrop wrote:
> Hi,
>
> I’m the lead of a university project investigating (and improving) the
> usability of certificate validation errors. Our goal is to simplify the
>

Improving X.509 certificate validation errors

2020-03-05 Thread Martin Ukrop
Hi, I’m the lead of a university project investigating (and improving) the usability of certificate validation errors. Our goal is to simplify the ecosystem by consolidating the errors and their documentation in one place, providing replicable example certificates for all validation errors and by