[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#31946: 27.0.50; The NSM should warn about more TLS problems
From: |
Noam Postavsky |
Subject: |
bug#31946: 27.0.50; The NSM should warn about more TLS problems |
Date: |
Tue, 03 Jul 2018 21:34:33 -0400 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux) |
Lars Ingebrigtsen <larsi@gnus.org> writes:
> Hm... this URL
>
> https://www.usps.com/business/web-tools-apis/welcome.htm
>
> now gives a warning about a SHA1 intermediary certificate, while
> Chromium and Firefox seems fine with it, so there may be a bug in the
> SHA1 check. Haven't had time to debug.
According to the show certificate info in Firefox, it's the root
certificate which has SHA1. Firefox shows both the issuer and subject
name as:
CN = VeriSign Class 3 Public Primary Certification Authority - G5
OU = "(c) 2006 VeriSign, Inc. - For authorized use only"
OU = VeriSign Trust Network
O = "VeriSign, Inc."
C = US
But in Emacs, I'm getting this from gnutls_x509_crt_get_issuer_dn():
"C=US,O=VeriSign\\, Inc.,OU=Class 3 Public Primary Certification Authority"
and this from gnutls_x509_crt_get_dn():
"C=US,O=VeriSign\\, Inc.,OU=VeriSign Trust Network,OU=(c) 2006 VeriSign\\, Inc.
- For authorized use only,CN=VeriSign Class 3 Public Primary Certification
Authority - G5"
So gnutls is getting this non-matching issuer from somewhere, but it's
unclear to me where.
- bug#31946: 27.0.50; The NSM should warn about more TLS problems, Eli Zaretskii, 2018/07/01
- bug#31946: 27.0.50; The NSM should warn about more TLS problems, Lars Ingebrigtsen, 2018/07/03
- bug#31946: 27.0.50; The NSM should warn about more TLS problems,
Noam Postavsky <=
- bug#31946: 27.0.50; The NSM should warn about more TLS problems, Lars Ingebrigtsen, 2018/07/08
- bug#31946: 27.0.50; The NSM should warn about more TLS problems, Lars Ingebrigtsen, 2018/07/08
- bug#31946: 27.0.50; The NSM should warn about more TLS problems, Noam Postavsky, 2018/07/08
- bug#31946: 27.0.50; The NSM should warn about more TLS problems, Lars Ingebrigtsen, 2018/07/08
- bug#31946: 27.0.50; The NSM should warn about more TLS problems, Noam Postavsky, 2018/07/09
- bug#31946: 27.0.50; The NSM should warn about more TLS problems, Lars Ingebrigtsen, 2018/07/22
- bug#31946: 27.0.50; The NSM should warn about more TLS problems, Noam Postavsky, 2018/07/29
- bug#31946: 27.0.50; The NSM should warn about more TLS problems, Lars Ingebrigtsen, 2018/07/08
- bug#31946: 27.0.50; The NSM should warn about more TLS problems, Lars Ingebrigtsen, 2018/07/08
- bug#31946: 27.0.50; The NSM should warn about more TLS problems, Lars Ingebrigtsen, 2018/07/08