bug in signing or verifying CRLs ?

Mon, 10 Dec 2007 00:39:02 -0800

probably there exists a bug in current openssl binary (linux & windows) in signing or verifying certificate revokation lists with moduli-sizes larger (2^16)-1 (for example 65536 Bits). 

An valid example is added to the mail-extension.
When running "openssl crl -in rootca.crl -CAfile rootca.cer -noout" openssl says "verify failure", even it should be all ok... 


What ist the problem? Do you add this problem to the buglist? Is 
there/will be a fix?


-Stephan Bärwolf, Thuringia, Ilmenau



Attachment:
rootca.cer

Description: application/x509-ca-cert



Attachment:
rootca.crl

Description: application/pkix-crl






















					Reply via email to