severity 481132 wontfix
notforwarded 481132
thanks
"brian m. carlson" writes:
> Apparently OpenSSL doesn't try to use kEDH, and so it doesn't fail.
> GnuTLS should implement the same behavior; if a certificate doesn't
> support digitalSignature, then GnuTLS shouldn't try to use it in that
> way.
> I've figured out what the problem is. If I don't disable kEDH in
> sendmail's config, it fails, but if I do disable it, it works.
> My IMAP server also has kEDH disabled, and so it also works.
>
> Apparently OpenSSL doesn't try to use kEDH, and so it doesn't fail.
> GnuTLS should implement the
forwarded 481132 http://trac.gnutls.org/cgi-bin/trac.cgi/ticket/39
severity 481132 wishlist
thanks
"brian m. carlson" <[EMAIL PROTECTED]> writes:
> retitle 481132 libgnutls26: should use EDH only if server cert supports it
> kthxbye
>
> On Wed, May 14, 2008 at 05:42:45PM +0200, Simon Josefsson wr
retitle 481132 libgnutls26: should use EDH only if server cert supports it
kthxbye
On Wed, May 14, 2008 at 05:42:45PM +0200, Simon Josefsson wrote:
Hi! Thanks for the report. Unfortunately, I think your certificate is
incorrect, you'll need the digitalSignature Key Usage Bit as well.
RFC 2246
"brian m. carlson" <[EMAIL PROTECTED]> writes:
> Package: libgnutls26
> Version: 2.2.3-1
> Severity: important
>
> I regenerated my SSL certificates today (due to the security advisory)
> and mutt now refuses to connect to my SMTP server with STARTTLS. This
> is obviously unsuitable.
>
> Using cy
Package: libgnutls26
Version: 2.2.3-1
Severity: important
I regenerated my SSL certificates today (due to the security advisory)
and mutt now refuses to connect to my SMTP server with STARTTLS. This
is obviously unsuitable.
Using cyrus-clients-2.3's smtptest (which uses OpenSSL) does not object
6 matches
Mail list logo
