I forward the email from Ralf as he has problem posting to the list (for some reasons he's rejected by the SF mail server...)
Later, Max -------- Original Message -------- Subject: Re: Fwd: Returned mail: see transcript for details Date: Fri, 28 Mar 2008 20:31:23 +0100 (CET) From: Ralf Hornik Mailings <[EMAIL PROTECTED]> To: Massimiliano Pala <[EMAIL PROTECTED]> Hi again Max :-) This message I would like to send to the list:
Alexander Klink wrote:
I hope you've read the warning and did not apply the patch to any production system yet - I just noticed that the patch breaks SCEP support in OpenCA.
After applying the patch also things like https://public-host:443/cgi-bin/pub/pki?cmd=viewCert;&dataType=VALID_CERTIFICATE&key=111 do not work any more. However I use this link in my emails to the customers, which then go directly to their certificate and can choose what to do. As solution, the command "viewCert" has to be added to "@not_vulnerable_commands". Can anybody tell me, if it is safe to do that, or do a I/we have a security issue then? Best regards Ralf -- Best Regards, Massimiliano Pala --o------------------------------------------------------------------------ Massimiliano Pala [OpenCA Project Manager] [EMAIL PROTECTED] [EMAIL PROTECTED] Dartmouth Computer Science Dept Home Phone: +1 (603) 397-3883 PKI/Trust - Office 063 Work Phone: +1 (603) 646-9179 --o------------------------------------------------------------------------
smime.p7s
Description: S/MIME Cryptographic Signature
------------------------------------------------------------------------- Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace
_______________________________________________ OpenCA-Devel mailing list OpenCA-Devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openca-devel
