Re: [exim] OCSP stapling failure with letsencrypt

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MM++++\admin at <-
MMMMMMMadmin at ->
Delete this message
Reply to this message
Author: Jeremy Harris
Date:  
To: exim-users
Subject: Re: [exim] OCSP stapling failure with letsencrypt
On 27/10/16 21:09, Renaud Allard wrote:
> In openssl source, you can see that the call should be something like:
> OCSP_basic_verify(bs, verify_other, store, verify_flags);

That's overstating the case, "Can be". The question is, when is
is appropriate and safe from a security standpoint to verify
the OCSP proof using an alternate set-of-trust-anchors?

--
Cheers,
Jeremy


This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] Issue with using alias fileRe: [exim] OCSP stapling failure with letsencrypt->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)