[prev in list] [next in list] [prev in thread] [next in thread]
List: openssl-users
Subject: Re: Certificate expiry alarms Reg.
From: Ashok C <ash.sjc () gmail ! com>
Date: 2013-02-25 11:27:08
Message-ID: CAChfYsK_w8aRf7-af1k0VgpQrPyGLSo74X41MKM3+HHSrk7GvQ () mail ! gmail ! com
[Download RAW message or body]
Thanks a lot Jeff,
The book is really very useful.
On Sun, Feb 24, 2013 at 12:36 AM, Jeffrey Walton <noloader@gmail.com> wrote:
> On Fri, Feb 15, 2013 at 9:25 AM, Ashok C <ash.sjc@gmail.com> wrote:
> > On Thu, Feb 14, 2013 at 5:31 PM, Jeffrey Walton <noloader@gmail.com>
> wrote:
> >> On Thu, Feb 14, 2013 at 5:58 AM, Ashok C <ash.sjc@gmail.com> wrote:
> >> >
> >> > As part of implementing certificate expiry related alarms for my SSL
> >> > application, I would kindly require few suggestions and clarifications
> >> > from the community.
> >> ...
> >>
> >> There are two hidden issues: (1) what precisely is warranted, and (2)
> >> what liability is in play. Good luck in pinning a CA on liability (100
> >> page plus CPSs).
> >
> > Not clear what you exactly meant here. Could you please put it in more
> > simpler terms? Thanks.
> >>
> Read the chapter on PKI from Peter Gutmann's Security Engineering (pp.
> 595-650, www.cs.auckland.ac.nz/~pgut001/pubs/book.pdf).
>
> It's not dry reading. Its interesting from a technical POV (what's the
> problem, how is it being solved); from a historical POV (committee
> disagreements, past failures, etc); and it's somewhat humorous at
> times (Gutmann has a witty sense of humor).
>
> Jeff
>
[Attachment #3 (text/html)]
Thanks a lot Jeff, <div>The book is really very useful. <br><br><div \
class="gmail_quote">On Sun, Feb 24, 2013 at 12:36 AM, Jeffrey Walton <span \
dir="ltr"><<a href="mailto:noloader@gmail.com" \
target="_blank">noloader@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc \
solid;padding-left:1ex"><div class="im">On Fri, Feb 15, 2013 at 9:25 AM, Ashok C \
<<a href="mailto:ash.sjc@gmail.com">ash.sjc@gmail.com</a>> wrote:<br>
> On Thu, Feb 14, 2013 at 5:31 PM, Jeffrey Walton <<a \
href="mailto:noloader@gmail.com">noloader@gmail.com</a>> wrote:<br> >> On \
Thu, Feb 14, 2013 at 5:58 AM, Ashok C <<a \
href="mailto:ash.sjc@gmail.com">ash.sjc@gmail.com</a>> wrote:<br> >> \
><br> </div><div class="im">>> > As part of implementing certificate \
expiry related alarms for my SSL<br> >> > application, I would kindly \
require few suggestions and clarifications<br> >> > from the community.<br>
</div>>> ...<br>
<div class="im">>><br>
>> There are two hidden issues: (1) what precisely is warranted, and (2)<br>
>> what liability is in play. Good luck in pinning a CA on liability (100<br>
>> page plus CPSs).<br>
><br>
> Not clear what you exactly meant here. Could you please put it in more<br>
> simpler terms? Thanks.<br>
>><br>
</div>Read the chapter on PKI from Peter Gutmann's Security Engineering (pp.<br>
595-650, <a href="http://www.cs.auckland.ac.nz/~pgut001/pubs/book.pdf" \
target="_blank">www.cs.auckland.ac.nz/~pgut001/pubs/book.pdf</a>).<br> <br>
It's not dry reading. Its interesting from a technical POV (what's the<br>
problem, how is it being solved); from a historical POV (committee<br>
disagreements, past failures, etc); and it's somewhat humorous at<br>
times (Gutmann has a witty sense of humor).<br>
<br>
Jeff<br>
</blockquote></div><br></div>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majordomo@openssl.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic