[gnutls-devel] GnuTLS | WIP: RFC7250 Raw public keys (!650)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Fri Sep 14 12:00:59 CEST 2018
Nikos Mavrogiannopoulos started a new discussion on doc/cha-gtls-app.texi:
>
> @showfuncB{gnutls_certificate_verify_peers3,gnutls_certificate_set_verify_function}
>
> +Note that when using raw public-keys verification will not work because there is no corresponding
> +certificate body belonging to the raw key that can be verified. For authenticating raw public-keys
> +one must use an out-of-band mechanism.
I'd give an example of such a mechanism, such as:
```
e.g., by comparing hashes or trust on first use (see the relevant section).
```
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/650#note_101394021
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20180914/fc018ef2/attachment.html>
More information about the Gnutls-devel
mailing list