On 30/03/14 15:46, Gert Doering wrote:
Hi,
On Sun, Mar 30, 2014 at 12:48:37AM +0100, Steffan Karger wrote:
3 - Change OpenSSL builds to use hax representation
I tend toward this one - user visible behaviour shouldn't change (unless
unavoidable) depending on SSL library used.
So for me this boils down to "how many users are relying on the current
behaviour, which is not what the docs say it should be"?
I've posted a script to verify CRLs
http://www.nikhef.nl/~janjust/vpn/OpenVPN2-Cookbook/verify-crls.sh
which relies on the XX:XX:XX format ... I could change that, of course,
but I am not sure how many people are actually using that script.
Printing the serial in hex format would make it more difficult to do a
CRL check, however, as the openssl tools by default use the XX:XX:XX format.
JM2CW,
JJK
