[exim-dev] [Bug 2389] tls_verify_certificates - with GnuTLS …

Top Page
Delete this message
Reply to this message
Author: admin
Date:  
To: exim-dev
Old-Topics: [exim-dev] [Bug 2389] New: tls_verify_certificates - with GnuTLS the CA list is sent no mater whether tls_verify_certificates points to dir or file
Subject: [exim-dev] [Bug 2389] tls_verify_certificates - with GnuTLS the CA list is sent no matter whether tls_verify_certificates points to directory or file
https://bugs.exim.org/show_bug.cgi?id=2389

--- Comment #4 from Andreas Metzler <eximusers@???> ---
(In reply to Phil Pennock from comment #3)
[...]
> But we have to deal with reality, rather than intent, and what I wrote
> implies more.
>
> How about "What is sent when a directory is specified currently depends upon
> the TLS library, and is subject to change in a future Exim release." ?


I would really like to see GnuTLS on par with OpenSSL in this respect instead
of undocumenting what exim does. I really do not care whether GnuTLS mimicks
the file/dir behavior (as documented) or whether it gets a special knob instead
(because that is easier to implement).

My early reply regarding "lack of wishlist" was meant to mean that I see no
need for *finer* controls than the current OpenSSL version. The lack of any
control with the GnuTLS implementation OTOH is something I miss.

--
You are receiving this mail because:
You are on the CC list for the bug.