Re: [openssl-dev] [openssl.org #3940] Missing CRL checks in cms/smime cmdline utilities

2016-08-19 Thread Dmitry Belyavsky via RT
Thank you very much! 19 авг. 2016 г. 6:47 PM пользователь "Rich Salz via RT" написал: > For now we just added a comment to master, 1.0.2, 1.0.1 in the cms.pod and > smime.pod files: > > Note that no revocation check is done for the recipient cert, so if that > key has been

Re: [openssl-dev] [openssl.org #3940] Missing CRL checks in cms/smime cmdline utilities

2016-08-19 Thread Dmitry Belyavsky
Thank you very much! 19 авг. 2016 г. 6:47 PM пользователь "Rich Salz via RT" написал: > For now we just added a comment to master, 1.0.2, 1.0.1 in the cms.pod and > smime.pod files: > > Note that no revocation check is done for the recipient cert, so if that > key has been

[openssl-dev] [openssl.org #3940] Missing CRL checks in cms/smime cmdline utilities

2016-08-19 Thread Rich Salz via RT
For now we just added a comment to master, 1.0.2, 1.0.1 in the cms.pod and smime.pod files: Note that no revocation check is done for the recipient cert, so if that key has been compromised, others may be able to decrypt the text. -- Ticket here:

[openssl-dev] [openssl.org #3940] Missing CRL checks in cms/smime cmdline utilities

2015-07-12 Thread Dmitry Belyavsky via RT
Hello, There is a missing CRL check on encrypting the messages using the 'cms/smime -encrypt' commands. Encrypting the message for the owner of a compromised key is dangerous, so CRL check in these utilities will be useful enough. Thank you! -- SY, Dmitry Belyavsky