Re: OpenSSL provider support in openldap: OSSL_STORE_open()

2024-01-14 Thread Graham Leggett
On 03 Jan 2024, at 18:23, Howard Chu wrote:
>> We’re referring to URIs known to crypto libraries, such as pkcs11 URLs (for
>> smartcard interfaces) and tpmkey URIs for TPM chips.
>
> Probably worth noting this in the manpages too then, that these are generally
> not internet URIs.

I’ve just

Re: OpenSSL provider support in openldap: OSSL_STORE_open()

2024-01-03 Thread Howard Chu
Graham Leggett wrote:
> On 03 Jan 2024, at 18:02, Howard Chu wrote:
>
>>> https://bugs.openldap.org/show_bug.cgi?id=10149
>>
>> Looks a bit like a chicken'n'egg situation, why should anyone trust the
>> connection that was used to
>> retrieve certs and keys from the designated URI?
>
> Not at

Re: OpenSSL provider support in openldap: OSSL_STORE_open()

2024-01-03 Thread Graham Leggett
On 03 Jan 2024, at 18:02, Howard Chu wrote:
>> https://bugs.openldap.org/show_bug.cgi?id=10149
>
> Looks a bit like a chicken'n'egg situation, why should anyone trust the
> connection that was used to
> retrieve certs and keys from the designated URI?

Not at all. We’re referring to URIs

Re: OpenSSL provider support in openldap: OSSL_STORE_open()

2024-01-03 Thread Howard Chu
Graham Leggett wrote:
> On 19 Dec 2023, at 12:45, Graham Leggett wrote:
>
>> A search in the openldap source shows we don’t yet support the OpenSSL3
>> provider OSSL_STORE_open() call, which takes a URL as a parameter.
>>
>> I’m happy to patch the openldap client to support this, would it make

Re: OpenSSL provider support in openldap: OSSL_STORE_open()

2024-01-03 Thread Graham Leggett
On 19 Dec 2023, at 12:45, Graham Leggett wrote:
> A search in the openldap source shows we don’t yet support the OpenSSL3
> provider OSSL_STORE_open() call, which takes a URL as a parameter.
>
> I’m happy to patch the openldap client to support this, would it make sense
> to add a