question: - would it be necessary to keep the user-signature?
If you mean that we should not remove the user's signature then you are correct. The removal is a bug.
- i just tried the process:
user revokes but without crin and signs by its own
- at ra i get the request, (beside new bug -> can'T be verified...)
Take a look at confirm_revreq and you will that we use a lot \n but all \r were missing.
- when i sign (approve) as the operator, the user-signature gets
replaced by the operators own one...
This is a bug.
- this is working by the way ;o) and this signature can be verified as correct
We should detect both signatures. I think this requires some fixes because the most of our code is not able to handle more than one signature.
Michael -- ------------------------------------------------------------------- Michael Bell Email: [EMAIL PROTECTED] ZE Computer- und Medienservice Tel.: +49 (0)30-2093 2482 (Computing Centre) Fax: +49 (0)30-2093 2704 Humboldt-University of Berlin Unter den Linden 6 10099 Berlin Email (private): [EMAIL PROTECTED] Germany http://www.openca.org
------------------------------------------------------- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_id=4721&alloc_id=10040&op=click _______________________________________________ OpenCA-Devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-devel
