On 2017-12-29 Daniel Kahn Gillmor <d...@debian.org> wrote:
> On Fri 2017-12-29 14:38:14 +0200, Rémi Denis-Courmont wrote:
>> The version of GnuTLS in Debian incorrectly flags self-signed
>> certificates as insecure certificate chain algorithm. This makes no
>> sense; the flag is for certificate chains using insecure algorithms
>> such as MD2, MD5 and SHA-1.

> sorry, i'm having a hard time seeing this. In the example you give below:

>> This is reproducible also with gnutls-bin (both with Debian and upstream
>> GnuTLS):
[...]
>> - Status: The certificate is NOT trusted. The certificate issuer is unknown.
>> The certificate chain uses insecure algorithm.
>> *** PKI verification of server certificate failed...
>> *** Fatal error: Error in the certificate.
>> *** handshake has failed: Error in the certificate.

> the error says "The certificate issuer is unknown", which is surely the
> *correct* response for a self-signed certificate when you haven't added
> that certificate to your list of X.509 root authorities.
[...]

Daniel, I agree that "The certificate issuer is unknown" would be the
correct error message. However gnutls *additionally* throws a "The
certificate chain uses insecure algorithm." And the latter is afaict
wrong. There is no insecure algorithm involved, the self-signature uses
"RSA-SHA256".

(I had tried to make this clear with Actual results/Expected results in
the upstream report.)

cu Andresas
--
`What a good friend you are to him, Dr. Maturin. His other
friends are so grateful to you.'
`I sew his ears on from time to time, sure'