bug-wget
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-wget] certificate revocation lists (CRLs) #43501


From: Tim Ruehsen
Subject: Re: [Bug-wget] certificate revocation lists (CRLs) #43501
Date: Wed, 05 Nov 2014 12:48:49 +0100
User-agent: KMail/4.14.2 (Linux/3.16-3-amd64; KDE/4.14.2; x86_64; ; )

On Wednesday 05 November 2014 12:24:06 Noël Köthe wrote:
> Hello,
> 
> wget does not support CRLs. There is a bug report about this here:
> https://savannah.gnu.org/bugs/?43501
> 
> The first step could to document (IMHO prefered in the manpage) this
> behavior (see attached first ugly patch because I don't know where to
> place this better).
> 
> The next and better step might be to implement this by loading CRLs
> files (reporter points to curl where this is possible) then this patch
> should be removed again.
> 
> Maybe you agree and apply this minor documentation patch.

Thank you, Noël.

On 24th Oct I pushed a change to Mget that allows to specify a CRL file via
--crl-file. If nobody complains, I would fit that patch to Wget's GnuTLS code.

BTW, does Debian meanwhile has a CRL infrastructure (something like 
/etc/ssl/certs/) or is planning something like it ?

Also, OCSP certificate status checking might be interesting for Wget.

Tim

Attachment: signature.asc
Description: This is a digitally signed message part.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]