Modify ↓
Opened at 2016-12-06T14:47:48Z
Last modified at 2016-12-07T07:50:55Z
#1276 new defect
TLS: set CAfile per IM Account
| Reported by: | ilf | Owned by: | |
|---|---|---|---|
| Priority: | normal | Milestone: | |
| Component: | Unspecified / other | Version: | Unspecified |
| Keywords: | TLS, CAfile | Cc: | |
| IRC client+version: | Client-independent | Operating System: | Public server |
| OS version/distro: |
Description
More TLS suggestions from me:
I would like to set a CAfile per IM Account. Instead of one global CAfile with 100 CAs, I would like to set only one cert (or one CA) per account.
This is in addition to #980 "certificate pinning".
It also relates (but doesn't override) #921 "support multiple CAfile arguments".
Attachments (0)
Change History (2)
comment:1 Changed at 2016-12-06T23:29:19Z by
comment:2 Changed at 2016-12-07T07:50:55Z by
Yes, that would be awesome!
This could be achieved by allowing CAfile to take both "the x509 certificate and/or the subject public key information section of the certificate" as argument.
Note: See
TracTickets for help on using
tickets.
I'd rather have public key fingerprint pinning in addition to certificate fingerprint pinning, like irssi did in https://github.com/irssi/irssi/pull/557