Re: [Bug-wget] [PATCH] certificate revocation lists (CRLs) #43501

bug-wget

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-wget] [PATCH] certificate revocation lists (CRLs) #43501

From:	Tim Ruehsen
Subject:	Re: [Bug-wget] [PATCH] certificate revocation lists (CRLs) #43501
Date:	Fri, 07 Nov 2014 11:34:44 +0100
User-agent:	KMail/4.14.2 (Linux/3.16-3-amd64; KDE/4.14.2; x86_64; ; )

On Friday 07 November 2014 09:26:58 Giuseppe Scrivano wrote:
> Tim Ruehsen <address@hidden> writes:
> > Here is a first patch (GnuTLS only) for review and comments (and playing
> > around).
> 
> I think we should fail and avoid any connection instead of printing just
> a warning as it seems from the code now.  Have you tested it with some
> crl file?  Would be good to add some automatic tests for this new
> feature.
> 
> > - Should we support complete directories ?
> > - Should we allow more than one --crl-file option ?
> 
> We can add this later, but we need to ensure that wget fails now if more
> --crl-file are passed so that the user knows it is not supported now.

Giuseppe,

i further work on the CRL patch / feature.

But meanwhile please read
https://www.grc.com/revocation/ocsp-must-staple.htm

We should quickly support OCSP Stapling, CRLs seem to be inappropriate (but 
may be of use to one or the other user, so I continue working on the patch).

Tim

signature.asc
Description: This is a digitally signed message part.

[Prev in Thread]

Current Thread

[Next in Thread]

[Bug-wget] certificate revocation lists (CRLs) #43501, Noël Köthe, 2014/11/05
- Re: [Bug-wget] certificate revocation lists (CRLs) #43501, Tim Ruehsen, 2014/11/05
  - Re: [Bug-wget] certificate revocation lists (CRLs) #43501, Noël Köthe, 2014/11/05
    - Re: [Bug-wget] certificate revocation lists (CRLs) #43501, Christoph Anton Mitterer, 2014/11/05
  - Re: [Bug-wget] certificate revocation lists (CRLs) #43501, Noël Köthe, 2014/11/05
    - Re: [Bug-wget] certificate revocation lists (CRLs) #43501, Petr Pisar, 2014/11/05
- Re: [Bug-wget] [PATCH] certificate revocation lists (CRLs) #43501, Tim Ruehsen, 2014/11/06
  - Re: [Bug-wget] [PATCH] certificate revocation lists (CRLs) #43501, Giuseppe Scrivano, 2014/11/07
    - Re: [Bug-wget] [PATCH] certificate revocation lists (CRLs) #43501, Tim Ruehsen <=
    - Re: [Bug-wget] [PATCH] certificate revocation lists (CRLs) #43501, Tim Ruehsen, 2014/11/07
    - Re: [Bug-wget] [PATCH] certificate revocation lists (CRLs) #43501, Giuseppe Scrivano, 2014/11/08
    - Re: [Bug-wget] [PATCH] certificate revocation lists (CRLs) #43501, Tim Ruehsen, 2014/11/10
    - Re: [Bug-wget] [PATCH] certificate revocation lists (CRLs) #43501, Giuseppe Scrivano, 2014/11/11
    - Re: [Bug-wget] [PATCH] certificate revocation lists (CRLs) #43501, Tim Ruehsen, 2014/11/11
    - Re: [Bug-wget] [PATCH] certificate revocation lists (CRLs) #43501, Darshit Shah, 2014/11/12
    - Re: [Bug-wget] [PATCH] certificate revocation lists (CRLs) #43501, Tim Ruehsen, 2014/11/12
    - Re: [Bug-wget] [PATCH] certificate revocation lists (CRLs) #43501, Tim Ruehsen, 2014/11/11
    - Re: [Bug-wget] [PATCH] certificate revocation lists (CRLs) #43501, Tim Rühsen, 2014/11/11
    - Re: [Bug-wget] [PATCH] certificate revocation lists (CRLs) #43501, Giuseppe Scrivano, 2014/11/12

Prev by Date: Re: [Bug-wget] [PATCH] certificate revocation lists (CRLs) #43501
Next by Date: Re: [Bug-wget] [PATCH] certificate revocation lists (CRLs) #43501
Previous by thread: Re: [Bug-wget] [PATCH] certificate revocation lists (CRLs) #43501
Next by thread: Re: [Bug-wget] [PATCH] certificate revocation lists (CRLs) #43501
Index(es):
- Date
- Thread