Skip to content

Latest commit

 

History

History
8 lines (6 loc) · 561 Bytes

themis-results.md

File metadata and controls

8 lines (6 loc) · 561 Bytes
Certificate condition What themis does now (v0.4.19) What we want themis to do.
no peer certificates. trust of 0 trust of 0
peer certificate in a chain we DO NOT trust trust of 1000 trust of 0
peer certificate in a chain we DO trust trust of 1000 trust of 1000

The existing check for CommonName and DNSSuffixes is a red herring. As long as we properly check the certificate chain, the right trust should be given.