From: Jan J. K. <ja...@ni...> - 2014-03-31 07:42:32
|
On 30/03/14 15:46, Gert Doering wrote: > Hi, > > On Sun, Mar 30, 2014 at 12:48:37AM +0100, Steffan Karger wrote: >> 3 - Change OpenSSL builds to use hax representation > I tend toward this one - user visible behaviour shouldn't change (unless > unavoidable) depending on SSL library used. > > So for me this boils down to "how many users are relying on the current > behaviour, which is not what the docs say it should be"? > > I've posted a script to verify CRLs http://www.nikhef.nl/~janjust/vpn/OpenVPN2-Cookbook/verify-crls.sh which relies on the XX:XX:XX format ... I could change that, of course, but I am not sure how many people are actually using that script. Printing the serial in hex format would make it more difficult to do a CRL check, however, as the openssl tools by default use the XX:XX:XX format. JM2CW, JJK |