On 08/03/2015 10:41 AM, Tristan Seligmann wrote: > Unfortunately there are some significant challenges with 2.0+. The > primary issue is the dependency on tlslite, which was removed from > Debian previously due to being insecure and unmaintained. In addition, > quite a bit of the certificate handling code does things incorrectly > (see eg. the certificate chain verification code[1] that does not > check the certificate purpose, allowing anyone with a valid cert to > sign a fraudulent cert as if they were a CA). > > I would very much welcome help with these issues, but be warned there > is most likely a fair amount of work involved in either rewriting the > cert-handling code to use another library (probably > python-openssl/python-cryptography), or resurrecting and maintaining > the tlslite package. >
hello, Electrum developer here. It would be nice if you could post an issue on Github describing precisely the problems you see with certificate handling. I am aware that tlslite is unmaintained, and I am planning to replace it. However, pycrypto is not an option for Electrum, because it is not pure python. thank you, Thomas -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
