possible Bug in OpenSSL - rfc 3161 - TSA service

classic Classic list List threaded Threaded
41 messages Options
possible Bug in OpenSSL - rfc 3161 - TSA service – Hello, My CA Authority (Europe Union qualified!) claims - there is Bug in OpenSSL => verifying digi. timestamp fails. The CA says (my bad...
Hello kapetr, I have successfully time-stamped with TSA server "https://www.postsignum.cz/DEMOTSA/TSS_user/" (u: demoTSA, p: demoTSA2...
Thanks for great answer and explanation. Without a deeper knowledge I had ask the TSA (as possible solution) to move the ESSCertiId (or whate...
Hi everybody, I do not know if this is the best place to discuss it, but I would like to have your opinions on the best place to include Time Attr...
Hello, thanks to your very detailed report I've managed to troubleshoot your problem very fast. I've discovered that in TSA response (file.tx...
Hello, after long time and many communication with the Certification Authority, they send me final conclusion: The problem with verificati...
Am 11.03.2013 13:01, schrieb kapetr@...: > > P.S: is this forum monitored by developers of openssl or should I report > it in devel fo...
On Mon, Mar 11, 2013, Richard Knning wrote: > Am 11.03.2013 13:01, schrieb kapetr@...: > > > >P.S: is this forum monitored by ...
Hello, Dne 11.3.2013 17:33, Dr. Stephen Henson napsal(a): > As to the OP query. I'm not that familiar with the timestamping code. OpenSSL ...
On Mon, Mar 11, 2013, kapetr@... wrote: > Hello, > > Dne 11.3.2013 17:33, Dr. Stephen Henson napsal(a): > >As to the OP quer...
the second ess certid says SEQUENCE { OCTET STRING 52 EE 29 A7 35 03 04 F8 94 21 48 72 76 9F...
Dne 11.3.2013 21:42, Peter Sylvester napsal(a): > the second ess certid says > > SEQUENCE { > OCTET STRI...
On 03/11/2013 10:31 PM, kapetr@... wrote: > > Dne 11.3.2013 21:42, Peter Sylvester napsal(a): >> the second ess certid says >&g...
That is what we talk about here. Try to check previous posts in this thread. --kapetr Dne 11.3.2013 22:51, Peter Sylvester napsal(a): >...
On 03/11/2013 11:17 PM, kapetr@... wrote: > That is what we talk about here. > Try to check previous posts in this thread. > rfc 3126...
Dne 12.3.2013 08:49, Peter Sylvester napsal(a): > On 03/11/2013 11:17 PM, kapetr@... wrote: >> That is what we talk about here. &g...
Hello, I found the following: http://tsa.postsignum.cz:444 produces the following error, when using this as time stamp server with adob...
Dne 12.3.2013 20:36, Walter H. napsal(a): > Hello, > > I found the following: > > http://tsa.postsignum.cz:444 do you hav...
On 13.03.2013 01:19, kapetr@... wrote: > > Dne 12.3.2013 20:36, Walter H. napsal(a): >> Hello, >> >> I found the foll...
Dne 15.3.2013 20:24, Walter H. napsal(a): > are you shure this TSA is working at all? Of course, it is the One TSA in our coutry. >...
Dne 16.3.2013 12:58, Walter H. napsal(a): >> Unfortunately not, it is official paid service. >> But You can make tests on testin...
On 16.03.2013 19:27, kapetr@... wrote: > Dne 16.3.2013 12:58, Walter H. napsal(a): >>> Unfortunately not, it is official paid servic...
Dne 16.3.2013 20:58, Walter H. napsal(a): > I tried this with my Adobe Acrobat, > and you wouldn't believe it; it doesn't work with ...
On 17.03.2013 16:37, kapetr@... wrote: > > > Dne 16.3.2013 20:58, Walter H. napsal(a): > >> I tried this with my Adobe Acro...
Dne 17.3.2013 18:21, Walter H. napsal(a): > On 17.03.2013 16:37, kapetr@... wrote: >> >> >> Dne 16.3.2013 20:58, Walt...
On 17.03.2013 18:48, kapetr@... wrote: >> be verified - the same as you had ... >> OpenSSL and Adobe conform to RFC 3161; >> ...
Dne 17.3.2013 19:08, Walter H. napsal(a): >> ?=> it could be probably problem on yours side. > not really ... >> What Ado...
for those who don't read openssl-dev -------- Original Message -------- Subject: [openssl.org #3016] openssl ts fix Date: Wed, 13 Mar 201...
SORRY - now with attachment :-) Dne 15.3.2013 22:34, Peter Sylvester napsal(a): > for those who don't read openssl-dev Thanks - I did no...
Dne 15.3.2013 22:34, Peter Sylvester napsal(a): > for those who don't read openssl-dev Thanks - I did not know that it is discussed the...
You should have received an HTTP 400 error, with an HTML page. The service behind it may not be RFC3161 compliant, it may even not be advertis...
On 03/12/2013 09:30 AM, kapetr@... wrote: > > > RFC 3161 is written badly. The whole text was a joke anyway. The requester SH...
Dne 12.3.2013 11:54, Peter Sylvester napsal(a): > On 03/12/2013 09:30 AM, kapetr@... wrote: >> >> >> > RFC 3161 i...
Just note. I accidentally deleted: http://2i.cz/dcc5b69c4f Here is new copy: http://2i.cz/0f81f2d80b __________________________________________...
Of course YES. Timestamp reply is nothing else as CMS SignedData structure. --kapetr Dne 11.3.2013 19:51, Dr. Stephen Henson napsal(a): &g...
Hello, try this for generating the TSA-reply openssl ts -reply -config openssl.cnf -section tsa_timestamp -queryfile TSA-query -inkey ts.k...
Thank you, but this thread is about TS from real Certification Authority and problem with attribute certificates. --kapetr Dne 11.3.201...
Do you think OpenSSL is a game? On 11.03.2013 22:02, kapetr@... wrote: > Thank you, > > but this thread is about TS from real Certi...
On 03/11/2013 08:01 PM, kapetr@... wrote: > Of course YES. > Timestamp reply is nothing else as CMS SignedData structure. > not quite...
On 03/11/2013 06:43 PM, kapetr@... wrote: > Hello, > > ... > > As I know, the attr. certs are not very necessary => that i...
Could you please explain it in detail ? Commands sentence as example ? INPUT: - timestamp reply - certificates (whole chain) COMMANDS: ....