Graham Leggett wrote:
> On 03 Jan 2024, at 18:02, Howard Chu wrote:
>
>>> https://bugs.openldap.org/show_bug.cgi?id=10149
>>
>> Looks a bit like a chicken'n'egg situation, why should anyone trust the
>> connection that was used to
>> retrieve certs and keys from the designated URI?
>
> Not at a
On 03 Jan 2024, at 18:02, Howard Chu wrote:
>> https://bugs.openldap.org/show_bug.cgi?id=10149
>
> Looks a bit like a chicken'n'egg situation, why should anyone trust the
> connection that was used to
> retrieve certs and keys from the designated URI?
Not at all.
We’re referring to URIs known
Graham Leggett wrote:
> On 19 Dec 2023, at 12:45, Graham Leggett wrote:
>
>> A search in the openldap source shows we don’t yet support the OpenSSL3
>> provider OSSL_STORE_open() call, which takes a URL as a parameter.
>>
>> I’m happy to patch the openldap client to support this, would it make s
On 19 Dec 2023, at 12:45, Graham Leggett wrote:
> A search in the openldap source shows we don’t yet support the OpenSSL3
> provider OSSL_STORE_open() call, which takes a URL as a parameter.
>
> I’m happy to patch the openldap client to support this, would it make sense
> to add a LDAP_OPT_X_T
