https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=246614
--- Comment #11 from Michael Osipov <michael.osi...@siemens.com> --- (In reply to Kyle Evans from comment #10) Correct. I would start populate blacklist first and then generate links. Care must be taken if <digit> diverge, say you have n certs in blacklist with the same subject hash, great care must be taken when creating links that the correct certs is excluded from linking (https://www.openssl.org/docs/man1.1.0/man3/SSL_CTX_load_verify_locations.html). I think the general approach is to calculate a hash on the ASN.1 DER-encoded form of the ticket which will be truly unique. -- You are receiving this mail because: You are on the CC list for the bug. _______________________________________________ freebsd-bugs@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-bugs To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"
