After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 634891 - Empathy can't remember not CA certificates
Empathy can't remember not CA certificates
Product: empathy
Classification: Core
Component: Auth client
Other Linux
: Normal normal
: ---
Assigned To: empathy-maint
Depends on:
Reported: 2010-11-15 09:28 UTC by Guillaume Desmottes
Modified: 2011-02-21 09:37 UTC
See Also:
GNOME target: ---
GNOME version: ---

Description Guillaume Desmottes 2010-11-15 09:28:09 UTC
if (gnutls_x509_crt_get_ca_status (cert, NULL) <= 0)
      DEBUG ("Can't import the CA, it's not a valid CA certificate");

That's pretty similar to bug #634489 the remember certificate code should be more powerful to handle such case.
Comment 1 Stef Walter 2010-12-13 21:01:58 UTC
THis code is no longer present once bug #636258 is merged.

I don't think we want to making importing certificate authorities from within empathy. Importing and storing certificate authorities as trust anchors is a high risk operation when it comes to security. We certainly want to be able to 'pin' (add an exception for) a end entity certificate. This pinned certificate is stored for a given host.

Should we just close this?