GNOME Bugzilla – Bug 634891
Empathy can't remember not CA certificates
Last modified: 2011-02-21 09:37:57 UTC
if (gnutls_x509_crt_get_ca_status (cert, NULL) <= 0)
DEBUG ("Can't import the CA, it's not a valid CA certificate");
That's pretty similar to bug #634489 the remember certificate code should be more powerful to handle such case.
THis code is no longer present once bug #636258 is merged.
I don't think we want to making importing certificate authorities from within empathy. Importing and storing certificate authorities as trust anchors is a high risk operation when it comes to security. We certainly want to be able to 'pin' (add an exception for) a end entity certificate. This pinned certificate is stored for a given host.
Should we just close this?