> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
> Corey Minyard
> Sent: Friday, January 11, 2019 17:09
>
> I don't really like my options, but I'm kind of boxed in. I'm not sure
> why ssh doesn't run on top of ssl; that seems so sensible. I assume
> that's for histor
On 1/11/19 12:42 PM, Sam Roberts wrote:
On Wed, Jan 9, 2019 at 6:54 PM Corey Minyard wrote:
My first inclination for a secure connection was to use ssh. However,
ssh is not as well suited for this as I would have liked, and all the
ssh libraries are tied to a file descriptor in ways that are no
On 1/11/19 12:14 PM, Jordan Brown wrote:
On 1/10/2019 10:55 AM, Corey Minyard wrote:
It is unusual, perhaps, but I'm trying to implement something like
ssh does. I can't expect users of ser2net to obtain certificates
from a real certificate authority, that's too high a barrier for
entry. I w
On Wed, Jan 9, 2019 at 6:54 PM Corey Minyard wrote:
> My first inclination for a secure connection was to use ssh. However,
> ssh is not as well suited for this as I would have liked, and all the
> ssh libraries are tied to a file descriptor in ways that are not easily
> fixable, and thus can't be
On 1/10/2019 10:55 AM, Corey Minyard wrote:
> It is unusual, perhaps, but I'm trying to implement something like ssh
> does. I can't expect users of ser2net to obtain certificates from a
> real certificate authority, that's too high a barrier for entry. I
> want them to be able to generate a key
On 10/01/2019 19:55, Corey Minyard wrote:
On 1/10/19 11:00 AM, Michael Wojcik wrote:
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On
Behalf Of Jordan Brown
Sent: Thursday, January 10, 2019 11:15
On 1/9/2019 6:54 PM, Corey Minyard wrote:
2. Set the userid in the certificate an
On 1/10/19 11:17 AM, Viktor Dukhovni wrote:
On Wed, Jan 09, 2019 at 08:54:30PM -0600, Corey Minyard wrote:
What I would like to do is pull out some information from the
certificate that is being verified, set/modify the verify store based
upon that information (basically chose the CA based upo
On 1/10/19 11:00 AM, Michael Wojcik wrote:
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
Jordan Brown
Sent: Thursday, January 10, 2019 11:15
On 1/9/2019 6:54 PM, Corey Minyard wrote:
2. Set the userid in the certificate and use client authentication to
authentic
On 10/01/2019 18:00, Michael Wojcik wrote:
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
Jordan Brown
Sent: Thursday, January 10, 2019 11:15
On 1/9/2019 6:54 PM, Corey Minyard wrote:
2. Set the userid in the certificate and use client authentication to
authentic
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
> Jordan Brown
> Sent: Thursday, January 10, 2019 11:15
> On 1/9/2019 6:54 PM, Corey Minyard wrote:
>> 2. Set the userid in the certificate and use client authentication to
>> authenticate the user logging in. Set th
On Wed, Jan 09, 2019 at 08:54:30PM -0600, Corey Minyard wrote:
> What I would like to do is pull out some information from the
> certificate that is being verified, set/modify the verify store based
> upon that information (basically chose the CA based upon something in
> the certificate. Wha
On 1/9/2019 6:54 PM, Corey Minyard wrote:
> 2. Set the userid in the certificate and use client authentication to
> authenticate the user logging in. Set the username in the CN field
> of the certificate so it can't be changed, extract that and set the
> CA before verification. This is w
I'm working on an application using openssl, and I would like to set
some things up for verification based upon information in the
certificate. Unfortunately, from what I can tell, there is no way to do
this. (Maybe it's not a good idea. Not sure.)
What I would like to do is pull out some i
13 matches
Mail list logo
