Modify

#1276 new defect

TLS: set CAfile per IM Account

Reported by: ilf Owned by:
Priority: normal Milestone:
Component: Unspecified / other Version: Unspecified
Keywords: TLS, CAfile Cc:
IRC client+version: Client-independent Operating System: Public server
OS version/distro:

Description

More TLS suggestions from me:

I would like to set a CAfile per IM Account. Instead of one global CAfile with 100 CAs, I would like to set only one cert (or one CA) per account.

This is in addition to #980 "certificate pinning".

It also relates (but doesn't override) #921 "support multiple CAfile arguments".

Attachments (0)

Change History (2)

comment:1 Changed at 2016-12-06T23:29:19Z by dx

I'd rather have public key fingerprint pinning in addition to certificate fingerprint pinning, like irssi did in https://github.com/irssi/irssi/pull/557

comment:2 Changed at 2016-12-07T07:50:55Z by ilf

Yes, that would be awesome!

This could be achieved by allowing CAfile to take both "the x509 certificate and/or the subject public key information section of the certificate" as argument.

Modify Ticket

Action
as new The ticket will remain with no owner.

Add Comment


E-mail address and name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.