* Nikos Mavrogiannopoulos: >>> What do you mean by valid X.509v3? I suppose even the authors of X.509 >>> wouldn't even know what that means :) Anything we could improve? >> >> I managed to create a version 1 certificate with extensions. 8-/
> Was that using certtool or by the API? If it is the former then it is > indeed a bug, but for the latter I don't know if it's worth the > complexity of the checks. No, it was using the APIs. It might sense to add a best-effort certificate sanity checking function, with explicit warning that future versions might impose tighter checks. I have to think about it. _______________________________________________ Help-gnutls mailing list [email protected] https://lists.gnu.org/mailman/listinfo/help-gnutls
