Re: [openssl.org #2746] Bugfix for ASN.1 parser in OpenSSL 0.9.8 and 1.0

2012-03-05 Thread Martin Boßlet
On 5 March 2012 at 16:45, Martin Boßlet wrote: > I'm sorry, but I disagree - this is not a legal encoding, not even at the end > of a constructed indefinite length encoding. > > The first 0x00 cannot belong to a multiple length encoding because section > 8.1.3.5 of X.690 sta

Re: [openssl.org #2746] Bugfix for ASN.1 parser in OpenSSL 0.9.8 and 1.0

2012-03-05 Thread Martin Boßlet
> "84 00 00 00" (three zero octets) would be a valid encoding > (context-specific tag 0, > zero length followed by an END OF CONTENTS), Sorry, this has to read context-specific tag 4 of course. Best regards, Martin Bosslet

Re: [openssl.org #2746] Bugfix for ASN.1 parser in OpenSSL 0.9.8 and 1.0

2012-03-05 Thread Martin Boßlet
On 5 March 2012 at 15:14, Stephen Henson via RT wrote: >> [steve - Fri Mar 02 03:57:59 2012]: >> >> > [to...@tutus.se - Thu Mar 01 15:44:36 2012]: >> > >> > Hi, >> > >> > In at least OpenSSL 0.9.8s and 1.0.1-beta1 there is a bug in the ASN.1 >> > parser that if one has length data such as >> > >> >

SSL/TLS: Revealing information about the trusted authorities

2011-07-31 Thread Martin Boßlet
Hello, if we do SSL/TLS client authentication, the current OpenSSL 1.0.0d verifies the client certificate upon reception of the Client Certificate message. Let's consider I want to find out whether the server trusts a certain CA I as an attacker am planning to compromise. I would send some certif

[openssl.org #2417] [Enhancement] X509 verification with OCSP support

2010-12-30 Thread Martin Boßlet via RT
isting call is doomed to fail. I changed this to add not only bs->certs, but also the certificates already available in certs, as they possibly contain the necessary intermediate certificates. Thanks in advance for any comments and corrections! Best regards, Martin Boßlet Index: crypto/oss

Re: [openssl.org #2408] [OpenSSL >= 1.0.0 Enhancement] Additions to timestamp support

2010-12-29 Thread Martin Boßlet via RT
I updated the patch (now in unified form) to keep backwards compatibility. Best regards, Martin 2010/12/29 Stephen Henson via RT : >> [martin.boss...@googlemail.com - Mon Dec 27 14:59:59 2010]: >> >> The attached patch contains: >> >> -  an additional method for creating a timestamp directly from

Re: [openssl.org #2408] [OpenSSL >= 1.0.0 Enhancement] Additions to timestamp support

2010-12-29 Thread Martin Boßlet
I updated the patch (now in unified form) to keep backwards compatibility. Best regards, Martin 2010/12/29 Stephen Henson via RT : >> [martin.boss...@googlemail.com - Mon Dec 27 14:59:59 2010]: >> >> The attached patch contains: >> >> -  an additional method for creating a timestamp directly from

[openssl.org #2408] [OpenSSL >= 1.0.0 Enhancement] Additions to timestamp support

2010-12-27 Thread Martin Boßlet via RT
certificates) are always needed. When skipping validation, it's possible to validate a timestamp without any external resources if the timestamp authority certificate is included (which it must be if explicitly requested). Certificate validation can then be performed separately. Best regards, Martin B

Re: Timestamping support

2010-10-17 Thread Martin Boßlet
Yes, I was looking at 0.9.8o. Still, I quite enjoyed the experience and would be glad to be able to contribute. I looked into the ts app, it does not yet support HTTP transport. Could this be a useful addition? -Martin 2010/10/17 Dr. Stephen Henson > On Sun, Oct 17, 2010, Martin Boßlet wrote: >

Timestamping support

2010-10-17 Thread Martin Boßlet
in the end, but is there no easier way, e.g. by handing over the pointer to my template directly, so that the template i2d functions are used when encoding the attribute? Best regards, Martin Boßlet