[Pkg-bitcoin-devel] Bug#792231: electrum
Thomas Voegtlin
thomasv at electrum.org
Mon Aug 3 18:24:26 UTC 2015
On 08/03/2015 10:41 AM, Tristan Seligmann wrote:
> In addition,
> quite a bit of the certificate handling code does things incorrectly
> (see eg. the certificate chain verification code[1] that does not
> check the certificate purpose, allowing anyone with a valid cert to
> sign a fraudulent cert as if they were a CA).
>
Instead of suggesting that there are "quite a bit" of incorrect things,
and then citing one example, can you provide the full list of problems
that you see?
also, by "certificate purpose", do you mean Key-Usage?
thanks
More information about the Pkg-bitcoin-devel
mailing list