GnuTLS: Big internal bugs, few real-world problemsMar 06, 2014, 15:00 (0 Talkback[s])
(Other stories by Steven J. Vaughan-Nichols)
WEBINAR: On-demand Event
Replace Oracle with the NoSQL Engagement Database: Why and how leading companies are making the switch REGISTER >
With GnuTLS's most recent and perhaps biggest failure to date, Red Hat found that GnuTLS, when shown a specially rigged kind of bogus SSL certificate, would fail to see that the certificate was a fake.
The project itself, despite its name, is no longer associated with GNU or GNU/Linux. Its chief designer, Nikos Mavrogiannopoulos, had "a major disagreement with the Free Software Foundation's (FSF) decisions and practices. He then made it an independent project.
0 Talkback[s] (click to add your comment)