[erlang-bugs] possible bug in ssl and/or public_key module (R13 and R14)

Ingela Anderton Andin <>
Fri Sep 24 09:59:24 CEST 2010


Hi!


Filipe David Manana wrote:
> Regarding the suggestion:
>
>   
>>    3) For the verify function, it receives {bad_cert, unknown_ca} when a certificate is self-signed? I would like to distinguish between unknown CAs and >self-signed certificates (certificate signed by the target host).
>>     
>
>   
>>> I think you have a point here we will look in to this.
>>>       
>
> Is there any standard (more formal) procedure to submit the suggestion
> to the OTP team, or posting to this mailing list is enough?
>
> cheers
>   

This depends on the type of change you are suggesting. In this case it
is a small fairly uncontroversial change that  we have already decided 
to adopt
as it is in line with what the old ssl-implementation does.  So no need to
be more formal and write an EEP - http://www.erlang.org/eep.html

It is actually already implemented in the branch
ia/ssl-and-public_key/backwards-compatibility/OTP-8858 
<http://github.com/IngelaAndin/otp/tree/ia%2Fssl-and-public_key%2Fbackwards-compatibility%2FOTP-8858>
as the old iplementation does distinguish between the two cases.
You can now get {bad_cert, selfsigned_peer}  as well as {bad_cert, 
unknown_ca}.

Regards Ingela Erlang/OTP team - Ericsson AB


More information about the erlang-bugs mailing list