12 May
2006
12 May
'06
8:24 a.m.
Michal Prochazka wrote:
I'm open for every remark and enhancement of this patch. IMHO, it is very breakable script: it compare only strings (issuer name, subject, etc), which can be forged easily. IMHO, we need to check sha1/md5 signatures of CA certificates, not strings.
-- // Lev Serebryakov