Re: OpenSSL version 3.0.0-beta1 published

2021-06-18 Thread Dr Paul Dale
However, I was wondering if anyone has ported/refactored the pkcs11 engine stuff for OpenSSL 3.0 already? Is this on the TODO list for the OpenSC/pkcs11 team? If I wanted to try to refactor the opensc-pkcs11 module, how would I start? PKCS #11 support is one (of many) possible items

RE: reg: question about SSL server cert verification

2021-06-18 Thread Michael Wojcik
> From: openssl-users On Behalf Of Jakob > Bohm via openssl-users > Sent: Friday, 18 June, 2021 09:38 > > On 2021-06-18 16:23, Michael Wojcik wrote: > > >> From: openssl-users On Behalf Of Jakob > >> Bohm via openssl-users > >> Sent: Friday, 18 June, 2021 07:10 > >> To: openssl-users@openssl.org

Re: reg: question about SSL server cert verification

2021-06-18 Thread Viktor Dukhovni
On Fri, Jun 18, 2021 at 05:37:33PM +0200, Jakob Bohm via openssl-users wrote: > > Also, the correspondence between the peer identity as requested by > > the client, and as represented by the entity certificate, should not > > be done using the CN component of the Subject DN (as OP suggested), > >

Re: OpenSSL version 3.0.0-beta1 published

2021-06-18 Thread Jan Just Keijser
Hi, On 17/06/21 15:36, Matt Caswell wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL version 3.0 beta 1 released === OpenSSL - The Open Source toolkit for SSL/TLS https://www.openssl.org/ OpenSSL 3.0 is currently in beta.

Re: OpenSSL version 3.0.0-beta1 published

2021-06-18 Thread Steffen Nurpmeso
Steffen Nurpmeso wrote in <20210617151209.s_znu%stef...@sdaoden.eu>: |Matt Caswell wrote in | <33db69e0-0f9b-c559-43f7-e5a2f85a4...@openssl.org>: ||On 17/06/2021 15:43, Steffen Nurpmeso wrote: ||> Fyi, i have $PERL5OPT=-C permanently in my environment, in ||> conjunction with

Re: reg: question about SSL server cert verification

2021-06-18 Thread Jakob Bohm via openssl-users
On 2021-06-18 16:23, Michael Wojcik wrote: From: openssl-users On Behalf Of Jakob Bohm via openssl-users Sent: Friday, 18 June, 2021 07:10 To: openssl-users@openssl.org Subject: Re: reg: question about SSL server cert verification On 2021-06-18 06:38, sami0l via openssl-users wrote: I'm

Re: reg: question about SSL server cert verification

2021-06-18 Thread Viktor Dukhovni
On Fri, Jun 18, 2021 at 03:09:47PM +0200, Jakob Bohm via openssl-users wrote: > Now the client simply works backwards through that list, checking if > each certificate signed the next one or claims to be signed by a > certificate in /etc/certs.  This lookup is done based on the complete >

RE: reg: question about SSL server cert verification

2021-06-18 Thread Michael Wojcik
> From: openssl-users On Behalf Of Jakob > Bohm via openssl-users > Sent: Friday, 18 June, 2021 07:10 > To: openssl-users@openssl.org > Subject: Re: reg: question about SSL server cert verification > > On 2021-06-18 06:38, sami0l via openssl-users wrote: > > I'm curious how exactly an SSL client

Re: reg: question about SSL server cert verification

2021-06-18 Thread Jakob Bohm via openssl-users
On 2021-06-18 06:38, sami0l via openssl-users wrote: I'm curious how exactly an SSL client verifies an SSL server's certificate which is signed by a CA. So, during the SSL handshake, when the server sends its certificate, will the SSL client first check the `Issuer`'s `CN` field from the x509