Hello Andrew, Am 18.01.21 um 12:17 schrieb Andrew Gallagher via Gnupg-users:
Yes I do understand that behavior, but that wasnt explained that way by Stefan.On 18/01/2021 11:07, Juergen Bruckner via Gnupg-users wrote:Sequoia accepts an *invalid* certificate for the host 'foo.abc.github.io' and that is "failure by design".This is incorrect. Sequoia *does not* accept this invalid certificate. Sequoia and gnupg only differ in their fallback behaviour after the certificate has been correctly rejected.
And I have understood it so far that Stefan claims Sequoia recognizes this certificate as valid and therefore continues to work.
To my understanding, Stefen has not yet spoken of a "fallback".He actually went so far, to urge Werner in a more than rude way to add this (wrong) behavior into GnuPG.
For me personally, this is still a major obstacle to using Sequoia productively or to recommend it to our customers. I still regard this behavior as a gross error that needs to be fixed.
Best regards from Austria Juergen -- /¯\ No | \ / HTML | Juergen Bruckner X in | juergen@bruckner.email / \ Mail |
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users