why not more.
Thanks for PERMIS reference - I wasn't aware of it, will check.
Regards,
Uri
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Dmitrij Mironov
> Sent: Monday, August 07, 2006 01:44
> To: openssl-users@openssl.org
>
[mailto:[EMAIL PROTECTED] On Behalf Of Mouse
> Sent: Friday, August 04, 2006 5:10 PM
> To: openssl-users@openssl.org
> Subject: RE: extending a PKCS12 certificate
>
> It doesn't makes much sense to add attributes to certs if
> values of those attributes can't be verified. Attri
e?
Tnx!
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Sascha Kiefer
> Sent: Friday, August 04, 2006 10:00
> To: openssl-users@openssl.org
> Subject: RE: extending a PKCS12 certificate
>
> Hi Gerd,
>
> It will. But as
: Freitag, 4. August 2006 17:24
To: openssl-users@openssl.org
Subject: RE: extending a PKCS12 certificate
Hello Sascha,
wouldn't this invalidate the digest and therefor the entire certificate?
If changing the arbitrary data does not invalidate the certificate, it must
not be part of the digest
Theodore Olen wrote:
Hello,
I'll look into Attribute Certificate, as I've never heard of this term
before. Thanks!
See http://www.ietf.org/rfc/rfc3281.txt
- vijay
--
Vijay K. Gurbani [EMAIL PROTECTED],research.bell-labs.com,acm.org}
Bell Laboratories, Lucent Technologies, Inc.
2701 Lucent L
> ensures me that the data is safely stored, as the certificate, and
therefore
> also my additional data, can only be opened when the password is known.
If this is all you want to do, a cryptographic beginner such as yourself
will probably find it easier to use something like the GNU Privacy Gu
Hello,
I'll look into Attribute Certificate, as I've never heard of this term
before. Thanks!
Kind regards,
Theodore
From: "Dmitrij Mironov" <[EMAIL PROTECTED]>
Reply-To: openssl-users@openssl.org
To:
Subject: RE: extending a PKCS12 certificate
Date: Fri, 4 A
PKCS12 is a data format. It's usually password-protected, and is designed
to bundle together a private key with one or more certificates. Openssl
includes tools (programs and API's) to parse and generate PKCS12.
Once you've extracted the cert, you can parse it, and add an extension. To
sign t
ta is safely stored, as the certificate, and therefore
also my additional data, can only be opened when the password is known.
Thanks in advance. Kind regards,
Theodore
From: "Sascha Kiefer" <[EMAIL PROTECTED]>
Reply-To: openssl-users@openssl.org
To:
Subject: RE: extending a PK
sl.org
> Subject: RE: extending a PKCS12 certificate
>
> As far as i know, PKCS12 is just a combination of your private key and
> the public certificate. So, it should be possible to extract the
> certificate, make
> the changes and pack it together with the private key again.
It seems like you are talking about Attribute Certificate, but openssl
doesn't support them. Unfortunately. :o(
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Theodore Olen
> Sent: Friday, August 04, 2006 2:31 PM
> To: openssl-users@openssl.org
As far as i know, PKCS12 is just a combination of your private key and
the public certificate. So, it should be possible to extract the
certificate, make
the changes and pack it together with the private key again.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On B
12 matches
Mail list logo
