

@c gnutls_certificate_status_t
@table @code
@item GNUTLS_@-CERT_@-INVALID
The certificate is not signed by one of the
known authorities or the signature is invalid.
@item GNUTLS_@-CERT_@-REVOKED
Certificate is revoked by its authority.  In X.509 this will be
set only if CRLs are checked.
@item GNUTLS_@-CERT_@-SIGNER_@-NOT_@-FOUND
The certificate's issuer is not known. 
This is the case if the issuer is not included in the trusted certificate list.
@item GNUTLS_@-CERT_@-SIGNER_@-NOT_@-CA
The certificate's signer was not a CA. This
may happen if this was a version 1 certificate, which is common with 
some CAs, or a version 3 certificate without the basic constrains extension.
@item GNUTLS_@-CERT_@-INSECURE_@-ALGORITHM
The certificate was signed using an insecure
algorithm such as MD2 or MD5. These algorithms have been broken and
should not be trusted.
@item GNUTLS_@-CERT_@-NOT_@-ACTIVATED
The certificate is not yet activated.
@item GNUTLS_@-CERT_@-EXPIRED
The certificate has expired.
@item GNUTLS_@-CERT_@-SIGNATURE_@-FAILURE
-- undescribed --
@item GNUTLS_@-CERT_@-REVOCATION_@-DATA_@-SUPERSEDED
The revocation data are old and have been superseded.
@item GNUTLS_@-CERT_@-REVOCATION_@-DATA_@-ISSUED_@-IN_@-FUTURE
The revocation data have a future issue date.
@end table
