On Mon, Oct 13, 2008 at 09:35:03PM -0700, David Schwartz wrote:
>
> Aravinda Babu wrote:
>
> > Problem is our application will verify only DER format certificates.
What protocol exchange is secured by the "certificate" (private/public
key pair, with the public key encased in a CA certificate)? In many case
the protocol already exchanges the "certificate" in binary (DER) form.
It is appropriate to ask what is happening here and why a certificate
needs to be verified "out-of-band" and in what sense it is "verified".
Presumably this is somehow tied to use of the associated private key to
sign some data, but this is far from clear.
--
Viktor.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
