So if I am reading this right, in addition to a null dereference, turning on str... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		jamescun on March 25, 2021 \| parent \| context \| favorite \| on: OpenSSL Security Advisory So if I am reading this right, in addition to a null dereference, turning on strict certificate validation actually disabled the check asserting that non-CA certificates cannot issue other certificates?

AlphaWeaver on March 25, 2021 [–]

Correct, but only in the rare case where the "purpose" value has been overridden to be empty.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact