On Wed, Sep 07, 2005, Sascha Kiefer wrote: > Hi list, > > openssl makes - for example: OCSP request with nonce - the > requestExtensions a "context specific" integer. > Why does it do this? I mean, it works, but is it mandatory? > >
Which version of OpenSSL are you using? Some of the older versions use raw random data in the extnValue OCTET STRING which was what the spec seemed to say and several implementations it interoped with did. So this "context specific integer" might be the result of an attempt to parse random data. Newer versions should use an OCTET STRING within the extnValue OCTET STRING when it generates a nonce and use an exact copy of the received version when it copies a nonce. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
