Add the -VAfile option to 'openssl ocsp'. This option will give the

client code certificates to use to only check response signatures. I'm not entirely sure if the way I just implemented the verification is the right way to do it, and would be happy if someone would like to review this.
author: Richard Levitte <levitte@openssl.org> 2001-02-08 17:59:29 +0000
committer: Richard Levitte <levitte@openssl.org> 2001-02-08 17:59:29 +0000
commit: 9235adbf47cb5bd045742e762e3d17e31b2ed553 (patch)
tree: 938d855793a0f640b632b9a53e8de6f94a6aae48 /CHANGES
parent: a71b5abfa4c5515fcfb5b69281e04cf620e0c66c (diff)
download: openssl-9235adbf47cb5bd045742e762e3d17e31b2ed553.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/CHANGES b/CHANGES
index 136dde4884..4c59e64dbf 100644
--- a/CHANGES
+++ b/CHANGES
@@ -3,6 +3,11 @@
 
  Changes between 0.9.6 and 0.9.7  [xx XXX 2000]
 
+  *) Add the option -VAfile to 'openssl ocsp', so the user can give the
+     OCSP client a number of certificate to only verify the response
+     signature against.
+     [Richard Levitte]
+
   *) Add new function BN_rand_range(), and fix DSA_sign_setup() to prevent
      Bleichenbacher's DSA attack.
      [Ulf Moeller, Bodo Moeller]
author	Richard Levitte <levitte@openssl.org>	2001-02-08 17:59:29 +0000
committer	Richard Levitte <levitte@openssl.org>	2001-02-08 17:59:29 +0000
commit	9235adbf47cb5bd045742e762e3d17e31b2ed553 (patch)
tree	938d855793a0f640b632b9a53e8de6f94a6aae48 /CHANGES
parent	a71b5abfa4c5515fcfb5b69281e04cf620e0c66c (diff)
download	openssl-9235adbf47cb5bd045742e762e3d17e31b2ed553.tar.gz