Are you going to support not only 0.9.7 branch, but also 0.9.8 branch?
+Kiyoshi
Kiyoshi Watanabe
- Original Message -
From: Dr. Stephen Henson [EMAIL PROTECTED]
To: openssl-users@openssl.org
Sent: Monday, January 30, 2006 10:07 PM
Subject: Re: OpenSSL FIPS Certification
On Sun, Jan
Hi Team,
This might be dev topic, but let me ask.
Is there any coding guidance for the core team and application developer?
Is anybody doing the source code review like open bsd team does for their
code?
Thanks!
With Best Regards,
Kiyoshi
Kiyoshi Watanabe
The Bridge CA is a CA(hub) to bridge the two different CAs, so no need to
have a Self-signed certificate for BridgeCA.
If you are relying party in Root CA1 domain and if you want to create a
certificate path, you will probably have:
SelfCert1byRootCA1, CrossCertFromRootCA1toBridgeCA,
--
I would very appreciate if you could give
meany work around.
+Kiyoshi
Kiyoshi
Watanabe
.
-Kiyoshi
Kiyoshi Watanabe
So, this is perhaps the most simple bridge PKI arrangement:
+-+---++-+---+
|T| ||T| |
+-+---++-+---+
| P
Hi,
crlDistributionPoints = DirName:/C=FI/O=SSH Communications Security Corp/CN=SSH Test
CA 2 No Liabilities
How about
crlDistributionPoints = @crl_dist
[ crl_dist ]
DirName = /C=FI/O=SSH Communications Security Corp/CN=SSH Test CA 2 No Liabilities
-Kiyoshi
Kiyoshi Watanabe
will read the starndard PKCS12 binary file without having
any problem and you can use FORMAT_PKCS12.
-Kiyoshi
Kiyoshi Watanabe
I have a CA certificate exported from RSA KEON, which is PEM encoded pkcs#12
certificate (listed below.)
It seems encoded by base64 , I have tried different methods
Why don't you convert or issue the PKCS#11 in DER format. I believe
PKCS#12, not PKCS#11 sorry for my typo.
-Kiyoshi
Kiyoshi Watanabe
__
OpenSSL Project http://www.openssl.org
User Support
Hello,
As you can see, the default certificate format is PEM in openssl
command. I do not know the excact reason, but I agree that the ocsp
command had better to have format option if you are requesting so.
-Kiyoshi
Kiyoshi Watanabe
Hi,all,
Could some one tell me kindly why the -issuer
?
-Kiyoshi
Kiyoshi Watanabe
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
Kiyoshi Watanabe
On Sun, Jan 19, 2003, Kiyoshi WATANABE wrote:
Dear all and developers,
Is any option to create the CertID.issuerKeyHash using the AKID of the
cert to be checked, instead of using the issuer certificate itself, in
OCSP request?
In addition, do you see any
0A
I think that the two values are the same to me.
Please let me know why the verify command tells me the subject issuer
mismatch and how I could correct this problem.
I am attaching the 2 certificate for your reference.
Sincerely,
-Kiyoshi
Kiyoshi Watanabe
Certificate:
Data
appreciated if you give me some suggestion.
Sincerely,
-Kiyoshi
Kiyoshi Watanabe
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List
Dear Steve,
Thank you for your comment. I understand the usage of this
extension and fully agree with you.
Best Regards,
-Kiyoshi
Kiyoshi Watanabe
On Thu, Oct 03, 2002, Kiyoshi WATANABE wrote:
Dear all, I want to know the way to implement to
set the CRLNumber extension in CRL
!
Thanks in advance!
Kiyoshi,
Kiyoshi Watanabe
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager
Dear all,
Let me ask that if I omit to specify the nsCertType extension,
the certificate can be used for keyEncippherment even I specify
the digitalSignature only in keyUsage?
Does anyone knows that Netscape recognizes the keyUsage bit and limits
the usage of the certificate?
Regards,
16 matches
Mail list logo
