#3916: Mutt 1.8: TOFU approach bails out on first fail or reject, not offering
higher links of the cert' chain
--------------------------+----------------------
Reporter: kratem32 | Owner: mutt-dev
Type: enhancement | Status: closed
Priority: minor | Milestone: 1.8
Component: crypto | Version:
Resolution: fixed | Keywords: tofu
--------------------------+----------------------
Comment (by kevin8t8):
No, not absolutely.
But this is for the case where they hit (s)kip and we just returned 1 for
the verify function: indicating we accept the certificate.
Is there is a plausible case where OpenSSL would then pass a *different*
certificate with the same chain position number and also marked
preverify_ok?
--
Ticket URL: <https://dev.mutt.org/trac/ticket/3916#comment:72>
Mutt <http://www.mutt.org/>
The Mutt mail user agent
