Message 370621 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	l0x
Recipients	christian.heimes, l0x
Date	2020-06-02.19:20:28
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1591125628.93.0.87420657479.issue40849@roundup.psfhosted.org>
In-reply-to

Content
This simple patch exposes OpenSSL's X509_V_FLAG_PARTIAL_CHAIN if it is defined. This lets us trust a certificate if it is signed by a certificate in the trust store, even if that CA is not a root CA. It makes it possible to trust an intermediate CA without trusting the root and all the other intermediate CAs it has signed.

This simple patch exposes OpenSSL's X509_V_FLAG_PARTIAL_CHAIN if it is defined. This lets us  trust a certificate if it is signed by a certificate in the trust store, even if that CA is not a root CA. It makes it possible to trust an intermediate CA without trusting the root and all the other intermediate CAs it has signed.

History
Date	User	Action	Args
2020-06-02 19:20:28	l0x	set	recipients: + l0x, christian.heimes
2020-06-02 19:20:28	l0x	set	messageid: <1591125628.93.0.87420657479.issue40849@roundup.psfhosted.org>
2020-06-02 19:20:28	l0x	link	issue40849 messages
2020-06-02 19:20:28	l0x	create