Bug#481132: [Pkg-gnutls-maint] Bug#481132: libgnutls26: flags key usage error where OpenSSL does not

2009-06-11 Simon Josefsson
severity 481132 wontfix notforwarded 481132 thanks brian m. carlson sand...@crustytoothpaste.ath.cx writes: Apparently OpenSSL doesn't try to use kEDH, and so it doesn't fail. GnuTLS should implement the same behavior; if a certificate doesn't support digitalSignature, then GnuTLS shouldn't

Bug#481132: [Pkg-gnutls-maint] Bug#481132: libgnutls26: flags key usage error where OpenSSL does not

2008-05-18 Nikos Mavrogiannopoulos
I've figured out what the problem is. If I don't disable kEDH in sendmail's config, it fails, but if I do disable it, it works. My IMAP server also has kEDH disabled, and so it also works. Apparently OpenSSL doesn't try to use kEDH, and so it doesn't fail. GnuTLS should implement the same

Bug#481132: [Pkg-gnutls-maint] Bug#481132: libgnutls26: flags key usage error where OpenSSL does not

2008-05-15 Simon Josefsson
forwarded 481132 http://trac.gnutls.org/cgi-bin/trac.cgi/ticket/39 severity 481132 wishlist thanks brian m. carlson [EMAIL PROTECTED] writes: retitle 481132 libgnutls26: should use EDH only if server cert supports it kthxbye On Wed, May 14, 2008 at 05:42:45PM +0200, Simon Josefsson wrote:

Bug#481132: [Pkg-gnutls-maint] Bug#481132: libgnutls26: flags key usage error where OpenSSL does not

2008-05-14 Simon Josefsson
brian m. carlson [EMAIL PROTECTED] writes: Package: libgnutls26 Version: 2.2.3-1 Severity: important I regenerated my SSL certificates today (due to the security advisory) and mutt now refuses to connect to my SMTP server with STARTTLS. This is obviously unsuitable. Using

Bug#481132: [Pkg-gnutls-maint] Bug#481132: libgnutls26: flags key usage error where OpenSSL does not

2008-05-14 brian m. carlson
retitle 481132 libgnutls26: should use EDH only if server cert supports it kthxbye On Wed, May 14, 2008 at 05:42:45PM +0200, Simon Josefsson wrote: Hi! Thanks for the report. Unfortunately, I think your certificate is incorrect, you'll need the digitalSignature Key Usage Bit as well. RFC