Re: PEM file line size

„Parsers MAYhandle other line sizes.These requirements are consistent with PEM [RFC1421 ].“ It‘s not a bug, it‘s undefined behaviour. On Wed, 24 Feb 2021 at 20:20 Frank Liu wrote: > Hi, > > I noticed openssl 1.0.1 and 1.0.2 can't read a certificate PEM file

Re: What does 'openssl ts -verify' verify exactly?

On Tue, Feb 16, 2021 at 8:56 PM Viktor Dukhovni wrote: > > On Feb 16, 2021, at 1:34 PM, Hubert Kario wrote: > > > > the whole problem is that if you trust the date in the timestamp as the > date the timestamp was created, attacker can compromise the TSA key years > after > > it was last used and

Re: What does 'openssl ts -verify' verify exactly?

On Tue, Feb 16, 2021 at 4:34 PM Hubert Kario wrote: > On Tuesday, 16 February 2021 15:54:24 CET, Matthias Buehlmann wrote: > > Hello Hubert (sorry, replied to your e-mail address directly before > instead > > of the mailing list), > > > > thank you for your r

Re: What does 'openssl ts -verify' verify exactly?

rote: > On Tuesday, 16 February 2021 03:35:32 CET, Matthias Buehlmann wrote: > > If openssl ts -verify is used, what exactly is verified? > > > > For example, while the [-crl_check] [-crl_check_all] and > > [-extended_crl] verify options are supported, there is no way to pass

What does 'openssl ts -verify' verify exactly?

If openssl ts -verify is used, what exactly is verified? For example, while the [-crl_check] [-crl_check_all] and [-extended_crl] verify options are supported, there is no way to pass CRLs to the call. So, is anything checked for revocation? How are timestamps verified for which the signing certi