On Tue, Jan 14, 2014, socket wrote:
> What I am saying is that one falls into the delegated trust model, and one
> does not, but I should be able to validate either because RFC 2560 allows
> for "a Trusted Responder whose public key is trusted by the requester". I am
> asking if mod_ssl in apache
What I am saying is that one falls into the delegated trust model, and one
does not, but I should be able to validate either because RFC 2560 allows
for "a Trusted Responder whose public key is trusted by the requester". I am
asking if mod_ssl in apache 2.4.x is RFC compliant. it seems to me openss
On Tue, Jan 14, 2014, socket wrote:
> Hey all, I am wondering if anyone here could point me in the right direction
> or even assist with a problem I have having.
>
> According to RFC 2560:
>
> All definitive response messages SHALL be digitally signed. The key
>used to sign the response MUST
