#1629 Survey public certificates for purpose

Reporter Zash
Owner Nobody
Created
Updated
Stars ★ (1)
Tags
  • Status-CantFix
  • Priority-Medium
  • Type-Task
  1. Zash on

    Prosody currently sets a flag to make LuaSec validate client certificates as if they were server certificates, due to proper client certificates being unavailable from some previously popular CA in the past. We might not need it anymore.

  2. Zash on

    Let's Encrypt, the only CA, has announced that they will stop setting the client certificate purpose, so we will still need that flag to treat remote servers certificates as server certificates on incoming connections

    Changes
    • tags Status-CantFix

New comment

Not published. Used for spam prevention and optional update notifications.