(continuing top posting to keep thread consistent)
Note that the point of using an X.509 signature at file creation time
and/or client approval time was to reuse the internal file structure
that is already designed to hold that particular signature format
(specifically, the internal file struc
el Wojcik
Technology Specialist, Micro Focus
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
Jakob Bohm
Sent: Wednesday, June 24, 2015 01:53
To: openssl-users@openssl.org
Subject: Re: [openssl-users] beginner needs advice on data
signature/verification
(Contin
(Continuing top posting to keep thread consistent).
First of all, if the client itself is compromised, the file content can
be compromised just before you do whatever you do to assure the server
that this was what the user of the client wanted. No way to fix that
other than to keep the client
Many thanks for the answer.
I should have been more specific on the requirements right away. The
"file" was really just an example to keep it simple. Reading my own
writing, I would probably have suggested what you did :-)
So here are the facts:
- client/server are not connected to the intern
Response inline below, prefixed with "MW". (Unfortunately Outlook is incapable
of replying to HTML messages properly, so you'll have to excuse the formatting.)
Michael Wojcik
Technology Specialist, Micro Focus
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
Marco W
