Author christian.heimes
Recipients benjamin.peterson, brian.curtin, christian.heimes, dilettant, dstufft, eric.araujo, esc24, georg.brandl, larry, loewis, mlen, ned.deily, orsenthil, pitrou, ronaldoussoren
Date 2014-02-28.08:09:19
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1393574959.88.0.155283841206.issue17128@psf.upfronthosting.co.za>
In-reply-to
Content
Thanks to Hynek we were able to dig deeper into Apple's modifications. OpenSSL on OSX uses TEA (TrustEvaluationAgent) to verify cert chains. TEA is pretty much undocumented on the internet but perhaps we can use it to verify certs with OpenSSL 1.x, too?

http://opensource.apple.com/source/OpenSSL098/OpenSSL098-35.1/src/crypto/x509/x509_vfy_apple.c
History
Date User Action Args
2014-02-28 08:09:20christian.heimessetrecipients: + christian.heimes, loewis, georg.brandl, ronaldoussoren, orsenthil, pitrou, larry, benjamin.peterson, ned.deily, eric.araujo, brian.curtin, esc24, dilettant, dstufft, mlen
2014-02-28 08:09:19christian.heimessetmessageid: <1393574959.88.0.155283841206.issue17128@psf.upfronthosting.co.za>
2014-02-28 08:09:19christian.heimeslinkissue17128 messages
2014-02-28 08:09:19christian.heimescreate