Re: x509 AlgorithmIdentifier parameters

From: Philip Martin <philip_at_codematters.co.uk>
Date: Sat, 03 Feb 2018 01:39:23 +0000

Philip Martin <philip_at_codematters.co.uk> writes:

> In Marc's case getting a new server cert that is not RSASSA-PSS might be
> the best solution.

r1822996 fixes the x509 parser on trunk. It doesn't mean that the
client will be able to verify the RSASSA-PSS certs (you would need an
OpenSSL fix for that) but it does allow a JavaHL client to accept the
failure to verify.

-- 
Philip

Received on 2018-02-03 02:39:36 CET

This message: [ Message body ]
Next message: Branko Čibej: "Re: svn commit: r1822996 - in /subversion/trunk/subversion: libsvn_subr/x509parse.c tests/libsvn_subr/x509-test.c"
Previous message: Philip Martin: "Re: x509 AlgorithmIdentifier parameters"
In reply to: Philip Martin: "Re: x509 AlgorithmIdentifier parameters"
Next in thread: Philip Martin: "Re: x509 AlgorithmIdentifier parameters"
Reply: Philip Martin: "Re: x509 AlgorithmIdentifier parameters"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]