Hello,
I am trying to verify the timestamp in a file signed using Authenticode.
I have found that this timestamp is in the RFC3161 format.
Using openssl apis, I have parsed the Authenticode signature and reached the
oid 1.3.6.1.4.1.311.3.3.1. I have subsequently used the following apis
:
On 23/11/2015 21:36, Karl Vogel wrote:
On Mon, 23 Nov 2015 05:17:33 +0100,
Jakob Bohm said:
J> You all seem to misunderstand the fundamental release engineering issues
J> involved.
Actually, we don't.
J> 1. Very shortly after you release OpenSSL 1.1.0, many distributions
J> and pointy ha
>> On Mon, 23 Nov 2015 05:17:33 +0100,
>> Jakob Bohm said:
J> You all seem to misunderstand the fundamental release engineering issues
J> involved.
Actually, we don't.
J> 1. Very shortly after you release OpenSSL 1.1.0, many distributions
J> and pointy haired managers will blindly switch to
But they care very much if Cisco AnyConnect (or any other
OpenSSL using program they may need) stops working or
becomes insecure because the OpenSSL team is breaking
stuff just because it is not needed in their own handful
of example uses.
And while ordinary people may not know or care, they will
I suspect that most “users” of OpenSSL are doing it indirectly through other
applications that use TLS (or crypto) functionality. Example: the Cisco
AnyConnect client is reportedly one of the most installed pieces of software
regardless of platform; it uses OpenSSL for TLS.
Taking those indirec