Tat Sing Kong wrote:
>
> Hello,
>
> I am looking at verifying the OCSP responses, in regard to verifying the
> OCSP signer certificate. I have been looking at OCSP_basic_verify, but
> can't figure it out, and there's no documentation. Can anyone shed any
> light?
>
> Also, are there any code
On Thu, 6 Dec 2001, Paulo Matos wrote:
> Hi folks!
> I created a CA Certiicate that a plan to use to sign all
> certificates that I'll use on our services.
> My major problem is how can I detect if the client as already the
> CA cert (so I can decide if I should send the certifi
Title: RE: Cryptology Questions
Yes,
the digest is used to validate that the data wasn't altered. Remember that
anyone can calculate the digest of a message. If the digest wasn't
encrypted with your private key, then someone could change the data, recompute
the digest, and exchange the ori
Andrew Finnell <[EMAIL PROTECTED]> writes:
> I was wondering if someone could help me out. I have to speak with
> some cryptology experts later today and was wondering if some answers could
> be answered.
>
> 1. What is the normal/(most secure) way to store private keys and
> protect
I am having trouble signing a client key created with
Java's keytool with a CA key created with openssl. I
get the message "The countryName field needed to be
the same in the CA certificate (US) and the request
(US)", which doesn't make sense since they ARE the
same.
I am including a transcript o
Hi folks!
I created a CA Certiicate that a plan to use to sign all
certificates that I'll use on our services.
My major problem is how can I detect if the client as already the
CA cert (so I can decide if I should send the certificate to him or not).
Thanks,
--
Erwann ABALEA <[EMAIL PROTECTED]> writes:
> On Thu, 6 Dec 2001, Andrew Finnell wrote:
>
> > digest. I did not know it was a checksum to validate that the data wasn't
> > altered.
>
> It's more robust than the usual "checksums" (CRC). You can easily fool a
> CRC32, but fooling a cryptographic di
Hello,
I am looking at verifying the OCSP responses, in regard to verifying the
OCSP signer certificate. I have been looking at OCSP_basic_verify, but
can't figure it out, and there's no documentation. Can anyone shed any
light?
Also, are there any code examples of walking up a CA chain and v
On Thu, 6 Dec 2001, Andrew Finnell wrote:
> digest. I did not know it was a checksum to validate that the data wasn't
> altered.
It's more robust than the usual "checksums" (CRC). You can easily fool a
CRC32, but fooling a cryptographic digest is another matter... In fact,
for MD5 and SHA1, nobo
Title: RE: Cryptology Questions
Neff,
Thanks for the quick response. You actually helped me understand some aspects that I didnt truely understand before. For example the message digest. I did not know it was a checksum to validate that the data wasn't altered.
--- More questions( b
Title: Cryptology Questions
hmmm...a tall order for us busy folks...but I'll help you out
some.
1. Provided you are using a "strong" password to
encrypt your key when using DES-CBC
you are pretty secure.
Remember that if
I can get access to, or copy, your .pem file
from
off your machine
- Original Message -
From: "support" <[EMAIL PROTECTED]>
Sent: Wednesday, December 05, 2001 9:48 PM
Subject: ¹úÄÚÍâóÒ׶¯Á¦Ö®Ô´
[ ÈôÄú²»¸ºÔðÕâ·½ÃæµÄÒµÎñ, ÇëתÏà¹ØÒµÎñ»ò²¿ÃŵĸºÔðÈË£¬Íò·Ö¸Ðл ]
[ Èô±¾Óʼþ´òÈÅÁËÄú£¬ÎÒÃÇÍò·Ö±§Ç¸ ]
££££££££££££££££££££££££
Title: Cryptology Questions
Hi all,
I was wondering if someone could help me out. I have to speak with some cryptology experts later today and was wondering if some answers could be answered.
1. What is the normal/(most secure) way to store private keys and protect them?
On Wed, 5 Dec 2001, Matt Sauve-Frankel wrote:
> > maybe I should have targetted "SSL and TLS" differently :))
>
> God forbid,
>
> your book is about as good as it ever gets...
>
> thank you for writing it, it's a gem...
Hear, hear! There is plenty of material out there for people who want to
buy
Title: °Ù´óǧÀïÂí ÏàÖªÔÚ°Ù´ó
;;
> Sarath Chandra M wrote:
>
> Hi,
> I have a requirement like this. Users/clients will access a web site,
> fill in a form, generate a keypair and send it to
> server. the csr is done at the server. client cert is created in the
> server and sent back thru email. Is this a proper
> approach ? If
Title: Message
Hi,
I have
a requirement like this. Users/clients will access a web site, fill in a form,
generate a keypair and send it to
server. the csr is done at the server. client cert is
created in the server and sent back thru email. Is this a
proper
approach ? If so, I would like to
17 matches
Mail list logo
