[Cryptography] GnuTLS -- time to look at the diff.
pgut001 at cs.auckland.ac.nz
Fri Mar 7 03:04:52 EST 2014
Phillip Hallam-Baker <hallam at gmail.com> writes:
>People can write comprehensive test suites for certificate checking... but so
>far none has been mentioned so I don't think they did.
There's the NIST test suite, but (a) it's about a decade old, (b) there are
errors in it, and (c) it tests, among other things, a bunch of crazy stuff
that not only no-one cares about but that no sane implementation should
actually do. It is a reasnably thorough test of your cert-handling code
(I can't imagine the amount of therapy the poor person who created all the
certs had to go through afterwards to recover).
More information about the cryptography