Attempt to verify Thawte signature
Bernhard Reiter
bernhard@intevation.de
Wed Aug 13 10:09:02 2003
--NDin8bjvE/0mNLFQ
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Wed, Aug 13, 2003 at 09:54:51AM +0200, Werner Koch wrote:
> On Fri, 4 Jul 2003 23:04:45 +0200, Bernhard Reiter said:
>=20
> > Saw an email by someone with a Thawte Freemail certificate
> > and tried to make it possible to verify it.
>=20
> > 2003-07-04 23:01:56 [6936] DBG: digest algo: 1.2.840.113549.1.1.4
> > 2003-07-04 23:01:56 [6936] DBG: Inquiring CN=3DPersonal Freemail RSA 20=
00.8.30,OU=3DCertificate Services,O=3DThawte,L=3DCape Town,ST=3DWestern Cap=
e,C=3DZA
> > 2003-07-04 23:01:56 [6936] Error in assuan_inquire(), rc =3D 3
>=20
> The problem was a too short buffer in Assuan, so that assuan_inquire
> returned with "invaldid value" and did not even call back to gpgsm.
> Printing numerical error codes is not the best solution: When I first
> looked at it, I assumed that this is an internal dirmngr error and not
> an assuan code becuase we have this nice assuan_strerror () ;-)
>=20
> I fixed that in CVS and it is now possible to load the CRL.
Nice!
> However, we should decide how to go: I have changed dirmngr to work
> with the libgcrypt (1.1.42 with the changed API) and I don't think
> that it is a good idea to go back to the old Libgcrypt version because
> we don't want to support that anymore. There won't be any conflicts
> using both Libgcrypt versions on one system. While we are already
> changing tyhe requirements for dirmngr I would also like to drop the
> source copied Assuan code and make use of the separate static
> libassuan which will make it easier for us to maintain the Assuan
> code.
>=20
> If this is okay, I can release a dirmngr 0.5 today.
Seems fine to me,
but we should identify the places=20
we need to change the build instructions then.
--NDin8bjvE/0mNLFQ
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQA/OfKch9ag3dpKERYRAogCAJoCNagNuGiOOsJF/t7zeYjHt/XGFQCeM1fz
mkz6p2aH+Db81RznRDxhcRM=
=hRkY
-----END PGP SIGNATURE-----
--NDin8bjvE/0mNLFQ--