From bc76fa2a8a413b36753822b9ee3e73b0ce5013e3 Mon Sep 17 00:00:00 2001 From: schwarze <> Date: Fri, 23 Dec 2016 01:01:55 +0000 Subject: Link to Peter Gutmann's classic "X.509 Style Guide". Thanks to otto@ for making me aware of it. If people know newer documents that are similarly readable and interesting, please speak up. I hate sending people to the STANDARDS only for more information. On the one hand, that's torture, and on the other hand, if i read Gutmann correctly, the standards sometimes provide bad advice, and often none at all. --- src/lib/libcrypto/man/X509_new.3 | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) (limited to 'src/lib') diff --git a/src/lib/libcrypto/man/X509_new.3 b/src/lib/libcrypto/man/X509_new.3 index 6520aaf477..020eee196d 100644 --- a/src/lib/libcrypto/man/X509_new.3 +++ b/src/lib/libcrypto/man/X509_new.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: X509_new.3,v 1.7 2016/12/22 13:05:59 schwarze Exp $ +.\" $OpenBSD: X509_new.3,v 1.8 2016/12/23 01:01:55 schwarze Exp $ .\" OpenSSL 3a59ad98 Dec 11 00:36:06 2015 +0000 .\" .\" This file was written by Dr. Stephen Henson . @@ -48,7 +48,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: December 22 2016 $ +.Dd $Mdocdate: December 23 2016 $ .Dt X509_NEW 3 .Os .Sh NAME @@ -131,3 +131,12 @@ Certificate Revocation List (CRL) Profile and .Fn X509_free are available in all versions of SSLeay and OpenSSL. +.Sh BUGS +The X.509 public key infrastructure and its data types contain too +many design bugs to list them. +For lots of examples, see the classic +.Lk https://www.cs.auckland.ac.nz/~pgut001/pubs/x509guide.txt\ + "X.509 Style Guide" +that +.An Peter Gutmann +published in 2000. -- cgit v1.2.3-55-g6feb