* Message by -Dr. Stephen Henson- from Fri 2009-05-15:
[ ... how to pinpoint correct certificate ... ]
> The -certfile option can contain a whole load of certificates and the hint in
> the PKCS#7 structure will be used to locate the correct one.
Ok. There is another thing that I do not understa
* Message by -Dr. Stephen Henson- from Thu 2009-05-14:
> It does sound like S/MIME does exactly what you want using a detached
> signature. That would be preferable as opposed to inventing an incompatible
> version with possible security issues.
Ok, so how do I generate such a detached signature?
* Message by -Lasse Kliemann- from Thu 2009-05-14:
> I thought that maybe including the certificate _fingerprint_
> would be a good idea, when using OpenSSL. Then, recipients can
> sort their trusted certificates by fingerprint. However, it
> appears to be common practice to sort
Assume that I sign a document's digest with 'openssl dgst -sign
...' and distribute the document with the signature. How can I
help recipients to find a corresponding certificate (i.e., one
that contains a public key to successfully verify the signature
and usually which also contains some iden
The file at
http://www.openssl.org/./source/openssl-0.9.8f.tar.gz.sha1
contains the checksum
0a0a3fd9be3d46053df2e91b6eb8a3b4348c793c
whereas the file at http://www.openssl.org/source/openssl-0.9.8f.tar.gz (even
after repeated download) has SHA1 checksum
e8716370093b112763ace0c66c06a0d604
