Trac is being migrated to new services! Issues can be found in our new YouTrack instance and WIKI pages can be found on our website.

Version 10 (modified by wehlhard, 17 years ago) (diff)

--

General Description

Pidgin doesn't currently do any certificate verification for SSL. In order to properly do this and ensure security, a certificate manager (something like Mozilla's) needs to be added.

This is William Ehlhardt's project for Summer of Code

Issues

  • It looks like PKCS12 (the certificate import/export format) is supported by both libNSS and GnuTLS.
  • Should GnuTLS be prioritized over libNSS? I'm going with GnuTLS first, as I understand it better.

TODO

  • Look at how the SILC prpl does its key management, especially the organization of the API used to check certs and interact with the user to verify them.
  • Add some way of passing useful error messages back up out of the SSL interface (23 May)
  • Fix purple_ssl_init in sslconn.c; it doesn't do anything (23 May)
    • Talking to nosnilmot suggests that this ought to just be removed outright (24 May)
  • Figure out how to get key fingerprints out of libNSS and GnuTLS (25 May)

Status

23 May 2007

Using "Document the SSL interface as it exists now" as an excuse to build a branch and learn Doxygen

17 May 2007

Reading documentation. Lots of it.

All information, including names and email addresses, entered onto this website or sent to mailing lists affiliated with this website will be public. Do not post confidential information, especially passwords!