Hi Martin, Would you like to move your questions to our gitlab.com site as an issue to initiate the discussion? I am not sure all in the development team follow this mailing list.
regards, Nikos On Thu, Mar 5, 2020 at 4:48 PM Martin Ukrop <[email protected]> wrote: > > Hi, > > I’m the lead of a university project investigating (and improving) the > usability of certificate validation errors. Our goal is to simplify the > ecosystem by consolidating the errors and their documentation in one place, > providing replicable example certificates for all validation errors and by > explaining better what the individual errors mean. The project is live at > https://x509errors.org/ > > Now we are reaching out to library developers and users (you) to ask for > feedback. > > Currently, we base the system on OpenSSL errors (as it’s the most common). We > have example certificates for 30+ OpenSSL errors and in-progress mapping for > corresponding errors error for OpenSSL, GnuTLS, Botan and MbedTLS. > In the future, we plan the possibility of web reorganization based on the > other libraries (currently, the web is organized by OpenSSL), adding the > error frequencies based on IP-wide scans and elaborating on the consequences > of individual errors. > Ultimately, we want to propose better (ideally user-tested) errors and their > documentation. (Just recently, we made a survey among 180 developers > regarding their error documentation preference with good reception). > > As developers/users of TLS libraries, what do you think of the idea? > * Which part(s) do you find the most/least useful? > * Is there anything you see missing? > * What are your thoughts on unifying the error taxonomy? (a very long-term > goal, if at all possible) > > During spring, we would like to start creating pull requests improving the > documentation and error messages in some of the libraries. Would you welcome > such contributions? > > For transparency: My PhD is done at Masaryk University (Czech Republic) and > I’m partially supported by Red Hat Czech. > > With regards, > Martin. > _______________________________________________ > Gnutls-help mailing list > [email protected] > http://lists.gnupg.org/mailman/listinfo/gnutls-help _______________________________________________ Gnutls-help mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnutls-help
