On Wed, Feb 04, 2004 at 02:22:49PM +0100, Jostein Tveit wrote:
> Lutz Jaenicke <[EMAIL PROTECTED]> writes:
>
> > On Tue, Feb 03, 2004 at 08:41:23AM +0100, Jostein Tveit wrote:
> > > What exactly does the comment in ssl/ssl_lib.c mean:
> > >
> > > /* works well for SSLv2, not so good for SSLv3 */
>
> I've come across an issue with extensions. I have a S/MIME signed
> message, where the signing cert has signing + encrypting Key Usage flags,
> and SSL server Extended Key Usage flags.
>
> Because there is a Ext. Key Usage flags set, but not the S/MIME one then
> the cert validation procedu
>
> in X509 and RFC3280 "Critical" means that if you don't know how to handle an
> entension, you can ignore it. if you know how to handle it, you treat it
X
> independantly of critical or not.
I was mildly shaked to wake up :
Obviously, I missed the half sent
In message <[EMAIL PROTECTED]> on Fri, 6 Feb 2004 10:32:45 + (GMT), Dave Roberts
<[EMAIL PROTECTED]> said:
dave.roberts> I've come across an issue with extensions. I have a
dave.roberts> S/MIME signed message, where the signing cert has
dave.roberts> signing + encrypting Key Usage flags, and
> in X509 and RFC3280 "Critical" means that if you don't know how to handle an
> entension, you can ignore it. if you know how to handle it, you treat it
> independantly of critical or not.
hunh?
Critical means "if you don't know what this means, you cannot process the
cert."
or am i suffering f
