‘guix lint’ should catch certificate validation exceptions
(name . Bug Guix)(address . bug-guix@gnu.org)
Guix,
The linter should obviously warn about TLS errors but it should
not terminate processing. See ‘guix lint ibndp’ or ‘guix lint
ttping’, where the hostname and certificate CN/SAN don't match.
In any other situation Guix is probably right to throw a scary
error and abort, even if hashes are our primary defence, not TLS.
Kind regards,
T G-R
-----BEGIN PGP SIGNATURE-----
iIMEARYKACsWIQT12iAyS4c9C3o4dnINsP+IT1VteQUCYM3VLA0cbWVAdG9iaWFz
LmdyAAoJEA2w/4hPVW15QD4A/RMEHCY66lQXkQQa1Tb70TWjf+ThETlu2xsWv0qG
rP7PAP9rjrkuXweiqje7fiLEEjgDfkZkf0AkG+ptDJEkzrnvBA==
=Vwle
-----END PGP SIGNATURE-----