Welcome! Log In Create A New Profile

Advanced

Re: [PATCH] RSA+DSA+ECC bundles

Rob Stradling
October 31, 2013 06:00PM
On 31/10/13 20:58, Rob Stradling wrote:
> On 24/10/13 01:26, Maxim Dounin wrote:
> <snip>
>> As for multiple certs per se, I don't think it should be limited
>> to recent OpenSSL versions only. As far as I can tell, current
>> versions of OpenSSL will work just fine (well, mostly) as long as
>> both ECDSA and RSA certs use the same certificate chain. I
>> believe at least some CAs issue ECDSA certs this way, and this
>> should work.
>>
>> Limiting support for multiple certs with separate certificate
>> chains to only recent OpenSSL versions seems reasonable for me,
>> but if Rob wants to try to make it work with older versions - I
>> don't really object. If it won't be too hacky it might worth
>> supporting.
>
> Updated patch attached. This implements multiple certs and makes OCSP
> Stapling work correctly with them. It works with all of the active
> OpenSSL branches (including 0_9_8).

That patch caused problems with ssl_stapling_file. Fixed in the
attached V2 patch.

> I'm afraid it's a much larger patch than I anticipated it would be when
> I started working on it!
>
> Maxim, does this patch look commit-able?

--
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
Subject Author Views Posted

[PATCH] RSA+DSA+ECC bundles

Rob Stradling 1249 October 17, 2013 10:10AM

Re: [PATCH] RSA+DSA+ECC bundles

Maxim Dounin 434 October 17, 2013 11:20AM

Re: [PATCH] RSA+DSA+ECC bundles

Piotr Sikora 428 October 17, 2013 06:02PM

Re: [PATCH] RSA+DSA+ECC bundles

Rob Stradling 394 October 18, 2013 07:08PM

Re: [PATCH] RSA+DSA+ECC bundles

Maxim Dounin 480 October 19, 2013 06:16AM

Re: [PATCH] RSA+DSA+ECC bundles

Rob Stradling 464 October 21, 2013 05:42PM

Re: [PATCH] RSA+DSA+ECC bundles

Maxim Dounin 422 October 22, 2013 08:10AM

Re: [PATCH] RSA+DSA+ECC bundles

Rob Stradling 362 October 22, 2013 09:32AM

Re: [PATCH] RSA+DSA+ECC bundles

Maxim Dounin 430 October 22, 2013 08:26PM

Re: [PATCH] RSA+DSA+ECC bundles

W-Mark Kubacki 456 October 23, 2013 01:08PM

Re: [PATCH] RSA+DSA+ECC bundles

Rob Stradling 388 October 23, 2013 03:14PM

Re: [PATCH] RSA+DSA+ECC bundles

Piotr Sikora 426 October 23, 2013 05:50PM

Re: [PATCH] RSA+DSA+ECC bundles

Maxim Dounin 417 October 23, 2013 08:28PM

Re: [PATCH] RSA+DSA+ECC bundles

Rob Stradling 394 October 31, 2013 05:00PM

Re: [PATCH] RSA+DSA+ECC bundles

Rob Stradling 644 October 31, 2013 06:00PM

Re: [PATCH] RSA+DSA+ECC bundles

Maxim Dounin 411 November 01, 2013 06:48AM

Re: [PATCH] RSA+DSA+ECC bundles

Rob Stradling 387 November 01, 2013 08:10AM

Re: [PATCH] RSA+DSA+ECC bundles

Maxim Dounin 472 November 01, 2013 10:26AM

Re: [PATCH] RSA+DSA+ECC bundles

Rob Stradling 398 October 23, 2013 02:28PM

Re: [PATCH] RSA+DSA+ECC bundles

Piotr Sikora 440 October 23, 2013 05:56PM

Re: [PATCH] RSA+DSA+ECC bundles

Rob Stradling 522 October 24, 2013 08:10AM

Re: [PATCH] RSA+DSA+ECC bundles

Rob Stradling 426 October 18, 2013 06:52PM



Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 74
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready