Hi Colm,
OK. Will do.
Thanks,
Sammi
-Original Message-
From: Colm O hEigeartaigh [mailto:cohei...@apache.org]
Sent: Tuesday, September 27, 2016 8:23 PM
To: Chen, Sammi
Cc: kerby@directory.apache.org
Subject: Re: Anonymous PKINIT signatures
Hi Sammi,
Yes let's release RC3 soon if it's
...@apache.org
Subject: RE: Anonymous PKINIT signatures
Hi Colm,
When I looking at the krb5 source code, I found the function
cms_signeddata_verify in pkinit_crypto_openssl.c with the following comments:
" if (((si_sk = CMS_get0_SignerInfos(cms)) == NULL) ||
((si = sk_CMS_SignerInfo_
e can't verify
> the kdc sans, edu and so on. Such as the function
> cryptoRetrieveX509Sans#PkinitCrypto is marked as TODO.
>
>
> Thanks
> Jiajia
>
>
> -Original Message-
> From: Colm O hEigeartaigh [mailto:cohei...@apache.org]
> Sent: Thursday, July 21, 2016
o:cohei...@apache.org]
Sent: Thursday, July 21, 2016 7:27 PM
To: kerby@directory.apache.org
Subject: Anonymous PKINIT signatures
Hi all,
I'm continuing to look at anonymous PKINIT as implemented in Kerby. I'm a bit
puzzled by a few things relating to signatures and would welcome some feed
Hi all,
I'm continuing to look at anonymous PKINIT as implemented in Kerby. I'm a
bit puzzled by a few things relating to signatures and would welcome some
feedback.
Looking at the server PkinitPreauth, it appears that Diffie-Hellman is used
to establish a shared secret key with the client.