Peter Stuge wrote:
> As for incomplete, that suggests to me going beyond a technical
> requirement, ie. does the CN actually include all subject's middle
> initials?
Or at least to policy; is subject OU required and missing?
//Peter
___
opensc-devel ma
Brian Thomas wrote:
> The subject of the requirement is to verify that "malformed" or
> "incomplete" certificates cannot be loaded on to the card.
As you may know, X.509 is a low level standard, so what is considered
malformed in one circumstance may be unproblematic in another.
Much more specifi
On Feb 25, 2011, at 7:22 PM, Brian Thomas wrote:
> The subject of the requirement is to verify that "malformed" or
> "incomplete" certificates cannot be loaded on to the card.
I'd assume OpenSSL (which is used to read and parse the certificates) does some
basic syntax/format checks.
But go on, v
r Stuge
Sent: Friday, February 25, 2011 11:19 AM
To: opensc-devel@lists.opensc-project.org
Subject: Re: [opensc-devel] Documentation sanity checks
Brian Thomas wrote:
> I need to prove to our customer that OpenSC performs some sort of
> sanity checking before loading a certificate on to a smart
Brian Thomas wrote:
> I need to prove to our customer that OpenSC performs some sort of
> sanity checking before loading a certificate on to a smart card.
Sanity checking of what?
If the requirement is not qualified any further then that is one
stupid requirement.
> PKCS15-init does some kind o
Hello,
I need to prove to our customer that OpenSC performs some sort of sanity
checking before loading a certificate on to a smart card. I know that
PKCS15-init does some kind of checking because when I attempt to load a
certificate on the card after modifying it with a text editor, it fails
