Good cryptographic
software should not have different execution times
dependent on a bit value, though.
(...) Or are you just saying that the fact that
the public key has mostly zeros in the exponent should
not matter, and the speed difference can be attributed
only to the exponent size?
Hello all,
I'm working with Openssl 0.9.7beta3's OCSP command,
both client and server.
I'm a bit puzzled with how to establish the
following :
1. Signed requests from client
2. Request verification from
server
3. Signed responses from server
4. Response verification from
client
I mean,
Evilbunny,
MKC The idea is to use the Verified Identity (IV) CA to get credibility
to
MKC the name. This will become clear when we put the VI CA online in a
few
MKC days -- then you'll see what it is capable of. I'll let you know when
MKC it's online. Meanwhile, its main ideas are described
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I've been working on a similar project. My approach, with notes, is:
- - JSP front-end. This isn't so much for the forms as for the results
when you search the database - the JSP kicks out XML, but can run it
through XLST for browsers and clients
Heres my understanding, and it
seems to work using the OpenSSL OCSP client and responder, provided the
appropriate certificates are installed in the right places (Im using a
0.9.7 stable release from 9/02.
-Bob
-Original Message-
From: Howard Chan
[mailto:[EMAIL
Hello all,
I'm trying to add an attibute to a cert's subject.
This is an example:
Subject: 1.2.3.4.5=A000, C=ES, O=pepe S.A., CN=yo
[EMAIL PROTECTED]
But I don't no how to do it.
I've tryed to do it writting in the openssl.cnf this:
[ policy_match ]
countryName = match
evilbunny,
Would you mind filling it up the blanks on creating your own CA on the
SSL-Certificates HOWTO on www.tldp.org
I think it will help a lot of people to manage their own subCA as well make
a good advertising for cacert.org
Cheers.
Franck Martin
Network and Database Development Officer
Hi,
I am just getting started with the OpenSSL crypto lib. What
I need to do is to extract an unknown extension from a X509V3 cert.
I have been successful in finding out that X509_EXTENSION_get_data does
return the contents of the extension. However what does
X509_EXTENSION_get_object give me
Hi there,
I've just found another post on the ml archives
concerning my problem, but didn't find any reply, so:
root@hwsx:~/.cpan/build/Crypt-SSLeay-0.45# make test
PERL_DL_NONLAZY=1 /usr/bin/perl -Iblib/arch -Iblib/lib -I/usr/lib/perl5/i386-linux
-I/usr/lib/perl5 -e 'use Test::Harness
Dear all (Bob),
Thank you. I see evidence of response
verification and OCSP client/server works fine, I know. However, I'm still
unclear with the relationships between the:
1) CA root cert which signed the certs I'm checking
the status on,
2) OCSP request signing cert from client,
3)
In short, my OpenLDAP server is using self-signed (OpenSSL) certificate. Now
I wish to access the same OpenLDAP server from a windows based client.
Naturally I need to trust the certificate (or the root of it?). I wanted to
know the steps that I should follow by which I can export or by any mean
I beg to differ on some of the answers
below:
-Original Message-From: Bob Kupperstein
[mailto:[EMAIL PROTECTED]]Sent: Tuesday, October 29, 2002 8:39
PMTo: [EMAIL PROTECTED]Subject: RE: OCSP
request/response signing
Heres my
understanding, and it seems to work using
12 matches
Mail list logo