Author zwol
Recipients Hiroaki.Kawai, asmodai, chaen, chet, chrisburr, christian.heimes, dsoprea, dstufft, jcea, joernheissler, kwatsen, maker, miki725, mmasztalerczuk, njs, pitrou, underrun, zwol
Date 2020-06-29.20:42:38
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1593463358.72.0.880314233606.issue18233@roundup.psfhosted.org>
In-reply-to
Content
I have yet another use case for the function implemented by this patch (i.e. retrieving the cert chain actually sent by the server, regardless of whether that gives a path to a trust anchor).  I'm implementing a network forensics tool, and one of the situations it's supposed to detect is when a man-in-the-middle is attempting to substitute its own cert for a site's "legitimate" cert (yes, possibly having suborned a public CA in order to do so).  To make all of the planned heuristics for this work correctly, I need to record exactly what came over the wire.

If it would be useful for me to dust off the patch and/or implement the _other_ function that people requested (retrieve the chain that OpenSSL concluded was a valid chain to an accepted trust anchor)  I can probably scare up time to do so in the next week or two.  I imagine it's too late for 3.8 patch releases at this point, but assuming I did this, could it make 3.9?
History
Date User Action Args
2020-06-29 20:42:38zwolsetrecipients: + zwol, jcea, pitrou, christian.heimes, asmodai, njs, maker, Hiroaki.Kawai, underrun, dstufft, dsoprea, miki725, mmasztalerczuk, chet, joernheissler, chaen, chrisburr, kwatsen
2020-06-29 20:42:38zwolsetmessageid: <1593463358.72.0.880314233606.issue18233@roundup.psfhosted.org>
2020-06-29 20:42:38zwollinkissue18233 messages
2020-06-29 20:42:38zwolcreate