On 04/05/15 21:53, David Woodhouse wrote:
On Mon, May 4, 2015 1:25 pm, David Woodhouse wrote:
Surely that's not unique? Using the above example, surely the first
certificate issued by the 2010 instance of 'My CA', and the first
certificate issued by the 2015 instance, are both going to
On Sun, 3 May 2015, David Woodhouse wrote:
Hello David,
For the case of NSS, I suspect the lack of CKA_SUBJECT shouldn't be a
real problem. I've just started looking at NSS with a view to fixing
it to take PKCS#11 URIs, and it looks like the common way of
specifying a certificate is by its
Hi,
I'm cleaning up some code (it has a long history) that, among other things,
computes IKE's PRF (hmac) and PRF+ (key derivation function). The
computation involves the use of PK11_Derive to perform lots of
concatenation, padding, xoring, and hashing(1). To get an idea, the PRF+
function
The NSS team has released Network Security Services (NSS) 3.19,
which is a minor release.
New functionality:
* For some certificates, such as root CA certificates, that don't
embed any constraints, NSS might impose additional constraints,
such as name constraints. A new API has been added
On Tue, May 5, 2015 8:55 am, David Woodhouse wrote:
I'm talking about the serial numbers of the certs issued *by* the two
My CAs.
Good to have that clarification :)
Different CAs (in as much as different public keys), but with the same
DER-encoded subject name (not necessarily the same
On Tue, 2015-05-05 at 09:47 -0700, Ryan Sleevi wrote:
On Tue, May 5, 2015 8:55 am, David Woodhouse wrote:
I'm talking about the serial numbers of the certs issued *by* the two
My CAs.
Good to have that clarification :)
Different CAs (in as much as different public keys), but with the
On 05/05/2015 08:42 AM, Andrew Cagney wrote:
Hi,
I'm cleaning up some code (it has a long history) that, among other things,
computes IKE's PRF (hmac) and PRF+ (key derivation function). The
computation involves the use of PK11_Derive to perform lots of
concatenation, padding, xoring, and
On Tue, 2015-05-05 at 12:29 +0100, Alan Braggins wrote:
On 04/05/15 21:53, David Woodhouse wrote:
On Mon, May 4, 2015 1:25 pm, David Woodhouse wrote:
Surely that's not unique? Using the above example, surely the first
certificate issued by the 2010 instance of 'My CA', and the
On 05/05/15 16:55, David Woodhouse wrote:
On Mon, May 4, 2015 1:25 pm, David Woodhouse wrote:
Hm... so if I have two certificates; one with:
CKA_SUBJECT: My CA
CKA_LABEL: My CA (2010 instance)
and the other:
CKA_SUBJECT: My CA
CKA_LABEL: My CA (2015 instance)
Surely that's not
In
news:mailman.2879.1430839076.29279.dev-tech-cry...@lists.mozilla.org,
Kai Engert k...@kuix.de wrote:
The NSS team has released Network Security Services (NSS) 3.19,
which is a minor release.
I subscribed here because I have too much time on my hands and a
perverse interest in how techies
10 matches
Mail list logo