> On Sep 9, 2018, at 10:50 AM, admin--- via Exim-dev <exim-dev@???> wrote:
>
> Summary: DANE verify fails with a TA-mode TLSA and a self-signed
> server cert
> Product: Exim
> Version: 4.91
> Hardware: x86
> OS: Windows
> Status: NEW
> Severity: bug
> Priority: medium
> Component: Delivery in general
> Assignee: nigel@???
> Reporter: jgh146exb@???
> CC: exim-dev@???
>
> This appears to be a GnuTLS library bug at present, but recording here for
> tracking purposes.

This does not appear to be the right description. DANE-TA(2) is NOT
expected to work with self-signed server certs, and the report for
lists.gentoo.org is not for a self-signed cert.
The reports seem to be for ordinary 2 or 3 level chains in which
DANE-TA(2) matches at depth 1 or higher (depth 0 is the EE cert).
--
Viktor.