[Haskell-cafe] Taking the TLS package for a spin ... and failing
Florian Weimer
fw at deneb.enyo.de
Tue Dec 14 22:24:29 CET 2010
* Mads Lindstrøm:
> I got it to work :) But there seems to be some bugs in the Haskell
> server certificate handling. It seems that TLS do not transfer the ST
> (state, as in California) parameter in the X509 subject field. It also
> seems that the Haskell server do not send the email-address.
And in reality, DER encoding isn't reversible, so you better serve the
exact certificate blob which was passed to the server. Decoding and
reencoding does not work reliably because sometimes, a non-DER version
of the certificate has been signed.
More information about the Haskell-Cafe
mailing list