>
> There are several proposed protocols in the IETF to allow for this one is
> called SCVP another is XKMS; these protocols essentially offload all of the
> trust verification. There are implementations of both available but none for
> OpenSSL.
I can't resist: There is also RFC 3029 :-)
Several pieces of RFC 3029 have been implemented with openssl, but
none of this is used to replace the current internal API for certificate
validation.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
