Hi to all. I've made an improvement on the CA application command line section of OpenSSL and I'll be glad to share it with the community. The change is very simple: I've added two new commands named "suspend" and "reinstate". With suspend you can suspend a certificate, i.e. revoke it with the certificateHold motivation. With reinstate you can made a suspended certificate (see before), valid again. Suspended certificate are so included in issued CRLs but they will be disappear from CRL when they are reinstated.
I made these two commands because I use OpenCA on a PKI project here in Italy. In OpenCA a certificate can be suspended, but it will not appear in the CRL. In Italy it is required that a suspended certificate appears in CRLs and that a suspended certificate can be reinstated and so removed from the CRL. Please, tell me how to send source code so it can be included in the main distribution (it's a pain to apply the patch on every OpenSSL release :-) ). -- Diego ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
