On 08/03/2015 10:41 AM, Tristan Seligmann wrote:
> In addition,
> quite a bit of the certificate handling code does things incorrectly
> (see eg. the certificate chain verification code[1] that does not
> check the certificate purpose, allowing anyone with a valid cert to
> sign a fraudulent cert as if they were a CA).
>

Instead of suggesting that there are "quite a bit" of incorrect things, and then citing one example, can you provide the full list of problems that you see?

Also, by "certificate purpose", do you mean Key-Usage?

Thanks