Brian A. Seklecki wrote:
On Mon, 4 Feb 2008, Howard Chu wrote:
If you're going to assume that you know more about how this software works than we do, and what information is pertinent to answering a question, you might as well not bother to ask any questions in the first place.
Man ... you are wrapped way too tight for Southern California :)
It's been a particularly cold winter...
OpenSSL is not necessarily the relevant piece of software here. There's also GNUtls to consider, but we can't say for certain because you have decided in your infinite wisdom that providing relevant details is unnecessary.
Oh for heavens sakes. Like I'm going to send you "uname -a" output when I'm asking about personal experiences with X.509 certificate / PKI providers?
Your original post didn't ask about PKI providers. You asked:
Does anyone know of any known-problems with OpenLDAP server/client-side certificates signed with X509 v3 Extensions?
And in fact, in the intervening time since you posted the question, a problem was reported: http://www.openldap.org/its/index.cgi/Incoming?id=5361
If you're going to ask a vague question and then change your mind about what you really meant to ask, that's not going to help the conversation much either.
Relax man ... You keep on like that, people will start to think you're a nun in a monastery (with sand in your couch!). Kootos to Quanah, though, for not treating me like a PYI. Next Christmas we're sending him an $100 bottle of scotch and you a bottle of Johnson& Johnson "No Tears" (*)
~~BAS
(*) That's a Maddox reference. You deserve a bottle of Scotch, too, though.
Ah, finally a posting of substance. An Islay is always good. :P