[openssl-dev] [openssl.org #4368] ESSCertIDv2 Update for RFC 3161

Klein Marek via RT rt at openssl.org
Wed Mar 2 09:18:35 UTC 2016


This patch https://github.com/openssl/openssl/pull/771  adds support for
ESSCertIDv2 to ts module as defined in RFC5816 (Update for RFC 3161), thus
it removes another hardcoded SHA-1 usage from ts module.

It is possible to choose the hash algorithm that is used to calculate
certificate id by setting .conf variable "ess_cert_id_v2_alg". By setting
"ess_cert_id_v2" variable it is possible to decide whether ESSCertIDv2
should be used instead of original ESSCertID.

Original behavior (using ESSCertID) is preserved.


Kind Regards / S pozdravom

Marek Klein

Disig, a.s.

Zahradnicka 151, 821 08 Bratislava 2

 <mailto:marek.klein at disig.sk> marek.klein at disig.sk

 <http://www.disig.sk> www.disig.sk


Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4368
Please log in as guest with password guest if prompted

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5187 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20160302/71ac869e/attachment.bin>

More information about the openssl-dev mailing list