FW: No CAs in CertificateRequest message

2004-05-06 Thread Erik Tkal
, down the fiber, off a switch, past the firewall, down the T1 ... nothing but Net. --- A customer performing interoperability testing sent me a message and indicated that our TLS server was sending a CertificateRequest message with a CAs length of 0, followed

Re: No CAs in CertificateRequest message

2004-05-06 Thread Richard Levitte - VMS Whacker
In message [EMAIL PROTECTED] on Thu, 6 May 2004 08:24:57 -0400, Erik Tkal [EMAIL PROTECTED] said: etssl Can anyone answer this? How do I tell if this is a known etssl problem with OpenSSL or if the RFC is incorrect, or if this is etssl just a accepted deviation? I can't really say, as that's

RE: No CAs in CertificateRequest message

2004-05-06 Thread Erik Tkal
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Richard Levitte - VMS Whacker on Thu, 6 May 2004 08:24:57 -0400, Erik Tkal said: etssl Can anyone answer this? How do I tell if this is a known etssl problem with OpenSSL or if the RFC is

Re: No CAs in CertificateRequest message

2004-05-06 Thread Jeffrey Altman
Richard Levitte - VMS Whacker wrote: In message [EMAIL PROTECTED] on Thu, 6 May 2004 08:24:57 -0400, "Erik Tkal" [EMAIL PROTECTED] said: etssl Can anyone answer this? How do I tell if this is a known etssl problem with OpenSSL or if the RFC is incorrect, or if this is etssl just a

RE: No CAs in CertificateRequest message

2004-05-06 Thread Erik Tkal
not want to give such hints to a client and assume that clients it trusts will present proper credentials based on proper configuration. Erik Tkal From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jeffrey AltmanSubject: Re: No CAs in CertificateRequest message Richard

Re: No CAs in CertificateRequest message

2004-05-06 Thread Jeffrey Altman
configuration. Erik Tkal From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Jeffrey Altman Subject: Re: No CAs in CertificateRequest message Richard Levitte - VMS Whacker wrote: In message [EMAIL PROTECTED] on Thu, 6 May 2004

RE: No CAs in CertificateRequest message

2004-05-06 Thread Erik Tkal
Jeff, thanks, I sent that info to my customer, hopefully he'll be ok with "most implementations tolerate it, you probably should too". Erik From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jeffrey Altman I'm looking at the TLS 1.1 Internet-Draft and it

FW: No CAs in CertificateRequest message

2004-05-04 Thread Erik Tkal
, down the fiber, off a switch, past the firewall, down the T1 ... nothing but Net. --- A customer performing interoperability testing sent me a message and indicated that our TLS server was sending a CertificateRequest message with a CAs length of 0, followed

No CAs in CertificateRequest message

2004-05-03 Thread Erik Tkal
A customer performing interoperability testing sent me a message and indicated that our TLS server was sending a CertificateRequest message with a CAs length of 0, followed by no additional data. This appears to be in violation of section 7.4.4 of RFC 2246, which implies

No CAs in CertificateRequest message

2004-05-03 Thread Erik Tkal
A customer performing interoperability testing sent me a message and indicated that our TLS server was sending a CertificateRequest message with a CAs length of 0, followed by no additional data. This appears to be in violation of section 7.4.4 of RFC 2246, which implies