Stephen Henson via RT | 1 Dec 01:52 2006
Picon

[openssl.org #1416] [PATCH] display UPN if in subjectAltName


[clenahan <at> fortresstech.com - Fri Oct 20 16:23:50 2006]:

>  With this patch, instead of the subjectAltName getting 
> "othername:unsupported" it will be something like 
> "othername:UPN<151242141 <at> mil"
> 
> Nice when working with ceritifcates from CAC cards.
> 

I like the general idea of displaying something useful for the otherName
type but I'm less keen on hard coding an OID into the code for one
specific type.

I'll have to have a think about the best way to do this and provide a
superset of the functionality this patch provides.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev <at> openssl.org
Automated List Manager                           majordomo <at> openssl.org

Nils Larsch via RT | 1 Dec 09:42 2006
Picon

Re: [openssl.org #1433] X509v3 OIDs from RFC 2459


  via RT wrote:
> Some X509v3 OIDs from RFC 2459 are currently missing from objects.txt:
> 
> * X509v3 Certificate Issuer
> * X509v3 Issuing Distribution Point
> * X509v3 Subject Directory Attributes
> 
> All the other OIDs from the RFC are already included in OpenSSL. The 
> attached patch introduces the above OIDs.

does it really makes sense to add OIDs when openssl is not
able to parse these extensions ?

Cheers,
Nils

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev <at> openssl.org
Automated List Manager                           majordomo <at> openssl.org

Veltri Stefano via RT | 1 Dec 12:42 2006
Picon

[openssl.org #1071] signing of large files: patch


Hi,

I need to sign large files with openssl. How I can retrieve this patch?

Thanks in advance!

Stefano Veltri

________________________________

Value Team SpA
Business Unit VP Tech - Security Solutions
Piazzale L. Cadorna 15

20123 Milano

Tel. +39 02 80 509 470

Cell. +39 335 726 68 50

Fax +39 02 80 509 409

stefano.veltri <at> valueteam.com 
http://www.valueteam.com <http://www.valueteam.com/>  

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev <at> openssl.org
Automated List Manager                           majordomo <at> openssl.org
(Continue reading)

Kyle Hamilton | 1 Dec 13:11 2006
Picon

Re: [openssl.org #1433] X509v3 OIDs from RFC 2459

I think so.  At the very least, it points out that there's something
that needs to be added.

My opinion, this is only my own opinion.

-Kyle H

On 12/1/06, Nils Larsch via RT <rt <at> openssl.org> wrote:
>
>   via RT wrote:
> > Some X509v3 OIDs from RFC 2459 are currently missing from objects.txt:
> >
> > * X509v3 Certificate Issuer
> > * X509v3 Issuing Distribution Point
> > * X509v3 Subject Directory Attributes
> >
> > All the other OIDs from the RFC are already included in OpenSSL. The
> > attached patch introduces the above OIDs.
>
> does it really makes sense to add OIDs when openssl is not
> able to parse these extensions ?
>
> Cheers,
> Nils
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev <at> openssl.org
Automated List Manager                           majordomo <at> openssl.org

(Continue reading)

Stephen Henson via RT | 1 Dec 13:48 2006
Picon

[openssl.org #1433] X509v3 OIDs from RFC 2459


[nlarsch <at> gmx.net - Fri Dec  1 09:42:37 2006]:

>   via RT wrote:
> > Some X509v3 OIDs from RFC 2459 are currently missing from objects.txt:
> > 
> > * X509v3 Certificate Issuer
> > * X509v3 Issuing Distribution Point
> > * X509v3 Subject Directory Attributes
> > 
> > All the other OIDs from the RFC are already included in OpenSSL. The 
> > attached patch introduces the above OIDs.
> 
> does it really makes sense to add OIDs when openssl is not
> able to parse these extensions ?
> 

Well in the past all manner of weird OIDs have been added which we
aren't likely ever to do anything with. I not that keen on doing that
but not violently opposed to it.

These at least have the virtue that we *might* do something with them.
In the case of "X509v3 Issuing Distribution Point" the OID and extension
support has been added to 0.9.9.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev <at> openssl.org
Automated List Manager                           majordomo <at> openssl.org

(Continue reading)

Stephen Henson via RT | 1 Dec 13:57 2006
Picon

[openssl.org #1071] signing of large files: patch


[Stefano.Veltri <at> valueteam.com - Fri Dec  1 12:42:27 2006]:

> Hi,
> 
> I need to sign large files with openssl. How I can retrieve this patch?
> 
> Thanks in advance!
> 

This patch only applies to the smime utility under certain
circumstances. The patch has already been added to the latest versions
of OpenSSL (0.9.7, 0.9.8 and 0.9.9-dev).
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev <at> openssl.org
Automated List Manager                           majordomo <at> openssl.org

Nils Larsch | 1 Dec 22:46 2006
Picon
Picon

Re: [PATCH] benchmark support for whirlpool (post-camellia)

justin-openssl <at> soze.net wrote:
> This patch adds whirlpool benchmarking to "openssl speed".
> 
> The recent addition of camellia broke the original patch attached to RT
> bug 1338, which wasn't forwarded to the list anyway. (might be nice if
> the RT->list gateway forwarded patches)

patch applied.

Thanks,
Nils
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev <at> openssl.org
Automated List Manager                           majordomo <at> openssl.org

Nils Larsch via RT | 4 Dec 19:22 2006
Picon

[openssl.org #1431] bug in setting ECDH and ECDSA methods


fixed in cvs 
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev <at> openssl.org
Automated List Manager                           majordomo <at> openssl.org

Nils Larsch via RT | 4 Dec 19:51 2006
Picon

[openssl.org #1433] X509v3 OIDs from RFC 2459


patch applied.

Thanks,
Nils
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev <at> openssl.org
Automated List Manager                           majordomo <at> openssl.org

Nils Larsch via RT | 4 Dec 20:12 2006
Picon

[openssl.org #1347] Field 'attributes' of X509_REQ_INFO


patch applied to 0.9.8-stable and the cvs head.

Thanks,
Nils
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev <at> openssl.org
Automated List Manager                           majordomo <at> openssl.org


Gmane