Version 5 (modified by 17 years ago) (diff) | ,
---|
General Description
Pidgin doesn't currently do any certificate verification for SSL. In order to properly do this and ensure security, a certificate manager (something like Mozilla's) needs to be added.
Issues
- It looks like PKCS12 (the certificate import/export format) is supported by both libNSS and GnuTLS.
- Should GnuTLS be prioritized over libNSS? I'm going with GnuTLS first, as I understand it better.
TODO
- Look at how the SILC prpl does its key management, especially the organization of the API used to check certs and interact with the user to verify them.
- Add some way of passing useful error messages back up out of the SSL interface
Status
23 May 2007
Using "Document the SSL interface as it exists now" as an excuse to build a branch and learn Doxygen
17 May 2007
Reading documentation. Lots of it.