Excuse me for posting while not being a subscriber. I was wondering, has
anyone created a small web page graphic that we may put on the bottom of
OpenSSL powered pages? I notice that most other programs have these.
Being that I use and support OpenSSL and the open source movement I would
like a
Bodo Moeller wrote:
> In principle, X.509v3 name constraints could
> be used to let a client act as a CA for itself, but I've never heard
> of anyone implementing temporary keys that way.
>
That's exactly what we do in Globus! See http://www.globus.org
They are called proxy certificates. The su
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Just a quick build nit-pick: when you do "make links" to set up the
includes directory, it misses the files pem.h and pem2.h. It's easy
enough to fix by hand, but someone might want to patch up the makefile for
future generations. ;^)
Russ Selph
Erwann ABALEA wrote:
> Then, just put another field in your file, named SPKAC, and make it equal
> to the PublicKey you get, removing all the \n... (SPKAC stands for Signed
> Public Key And Challenge).
>
> Then you'll be able to use the ca program to sign your request, with a
> special option (-
I would like to add crl checking in a program I'm maintaining. How does
crl file checking work in openssl? I've gleaned enough to figure out how
to verify that a crl is valid, but as far as using the X509_CRL structure
itself, I'm clueless
Thanks for any help!
John Schuetz
__
On Mon, 8 Mar 1999, J. Andres Hall wrote:
> >> Not much of one, of course, since whoever modified it could also modify
> >> the MD5!
> >
> >Correct, the MD5 is actually intended to just let people quicky check wheter
> >some download/transfer errors occured. For real guarantee we should sign it
>
