Are you going to support not only 0.9.7 branch, but also 0.9.8 branch?
+Kiyoshi
Kiyoshi Watanabe
- Original Message -
From: "Dr. Stephen Henson" <[EMAIL PROTECTED]>
To:
Sent: Monday, January 30, 2006 10:07 PM
Subject: Re: OpenSSL FIPS Certification
On Sun, Ja
Hi Team,
This might be dev topic, but let me ask.
Is there any coding guidance for the core team and application developer?
Is anybody doing the source code review like open bsd team does for their
code?
Thanks!
With Best Regards,
Kiyoshi
Kiyoshi Watanabe
The Bridge CA is a CA(hub) to bridge the two different CAs, so no need to
have a Self-signed certificate for BridgeCA.
If you are relying party in Root CA1 domain and if you want to create a
certificate path, you will probably have:
SelfCert1byRootCA1, CrossCertFromRootCA1toBridgeCA,
CrossCert
from randfile.c:64:/usr/include/sys/wait.h:86: error: parse error before
"siginfo_t"*** Error code 1make: Fatal error: Command failed for target
`randfile.o'Current working directory
/home/kiyoshi/tmp/openssl-0.9.8a/crypto/rand*** Error code 1The
following command caus
.
-Kiyoshi
Kiyoshi Watanabe
> So, this is perhaps the most simple "bridge" PKI arrangement:
>
> +-+---++-+---+
> |T| |
Hi,
> crlDistributionPoints = DirName:/C=FI/O=SSH Communications Security Corp/CN=SSH Test
> CA 2 No Liabilities
How about
crlDistributionPoints = @crl_dist
[ crl_dist ]
DirName = /C=FI/O=SSH Communications Security Corp/CN=SSH Test CA 2 No Liabilities
-Kiyoshi
Kiyoshi Wa
> Why don't you convert or issue the PKCS#11 in DER format. I believe
PKCS#12, not PKCS#11 sorry for my typo.
-Kiyoshi
Kiyoshi Watanabe
__
OpenSSL Project http://www.openssl.org
User
openssl will read the starndard PKCS12 binary file without having
any problem and you can use FORMAT_PKCS12.
-Kiyoshi
Kiyoshi Watanabe
> I have a CA certificate exported from RSA KEON, which is PEM encoded pkcs#12
> certificate (listed below.)
> It seems encoded by base64 , I hav
Hello,
As you can see, the default certificate format is PEM in openssl
command. I do not know the excact reason, but I agree that the ocsp
command had better to have format option if you are requesting so.
-Kiyoshi
Kiyoshi Watanabe
> Hi,all,
>
> Could some one tell me kindly why th
nssl.cnf file as a comment?
-Kiyoshi
Kiyoshi Watanabe
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager
use of authority key identifer to avoid the hash
calculation at the client side.
Or am i misunderstanding about the calculation over the two values?
#The authority Key identifer has different methods to calculate, so
#it is not good to rely on the authority key identifer value only.
-Kiyoshi
x in
apps/verify.c, I would not get the error? or does it check in
somewhere else?
Sincerely,
-Kiyoshi
Kiyoshi Watanabe
__
OpenSSL Project http://www.openssl.org
User Support Mailin
6 13 02 4A 50 31 0D 30 0B 06 03 55 04 0A
I think that the two values are the same to me.
Please let me know why the verify command tells me the subject issuer
mismatch and how I could correct this problem.
I am attaching the 2 certificate for your reference.
Sincerely,
-Kiyoshi
Kiyoshi
multiple exntensions or multiple values in one
(Bextension...)
(B
(BAnyway, if you like it, please drop me a line.
(B
(B-Kiyoshi
(BKiyoshi Watanabe
(BTokyo, Japan
/* v3_gpki.c */
(B
(B#include
(B#include "cryptlib.h"
(B#include
(B#include
(B#include
(B#include
(B
Dear Steve,
Thank you for your comment. I understand the usage of this
extension and fully agree with you.
Best Regards,
-Kiyoshi
Kiyoshi Watanabe
> On Thu, Oct 03, 2002, Kiyoshi WATANABE wrote:
>
> >
> > Dear all, I want to know the way to implement to
> > set
ou give me some suggestion.
Sincerely,
-Kiyoshi
Kiyoshi Watanabe
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated Li
been unable to locate any such function to use in the library. Any help
> appreciated
See in crypto/x509/x509_vfy.c
around static int cert_crl(X509_STORE_CTX *ctx, X509_CRL *crl, X509
*x) funcions
This can be found from 0.9.7
JUST Info...
-kiyosh
!
Thanks in advance!
Kiyoshi,
Kiyoshi Watanabe
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager
,
Kiyoshi,
Kiyoshi WATANANBE
Hitachi, Ltd.
---openssl.cnf--
# Here are some examples of the usage of nsCertType. If it is omitted
# the certificate can be used for anything *except* object signing.
#
#
# For an object signing certificate this would be used
19 matches
Mail list logo