From df594ad6c9bde27528f159c84cadd94743d873d9 Mon Sep 17 00:00:00 2001 From: shutterbug2000 Date: Sun, 28 Oct 2018 14:30:40 -0500 Subject: [PATCH] Update README.md --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 04e1b27..6ce3414 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,9 @@ Because Nintendo can't do SSL properly. # How does this work? The NDS SDK's SSL library supports something called "cert chains", which is a standard thing that all SSL libs should support. + However, there is a fatal flaw in their implementation: they do not check if a cert is supposed to sign other certs or not (in other words: it doesn't check if it is a CA) + Since we have some Nintendo signed certificates with private keys (client certs from the Wii), we can simply sign with those, and then return them from the server as part of the chain. # Requirements