Add the -VAfile option to 'openssl ocsp'. This option will give the client code certificates to use to only check response signatures. I'm not entirely sure if the way I just implemented the verification is the right way to do it, and would be happy if someone would like to review this.

commit: 9235adbf47cb5bd045742e762e3d17e31b2ed553 [log] [tgz]
author: Richard Levitte <levitte@openssl.org> Thu Feb 08 17:59:29 2001 +0000
committer: Richard Levitte <levitte@openssl.org> Thu Feb 08 17:59:29 2001 +0000
tree: 938d855793a0f640b632b9a53e8de6f94a6aae48
parent: a71b5abfa4c5515fcfb5b69281e04cf620e0c66c [diff] [blame]
diff --git a/CHANGES b/CHANGES
index 136dde4..4c59e64 100644
--- a/CHANGES
+++ b/CHANGES

@@ -3,6 +3,11 @@
 
  Changes between 0.9.6 and 0.9.7  [xx XXX 2000]
 
+  *) Add the option -VAfile to 'openssl ocsp', so the user can give the
+     OCSP client a number of certificate to only verify the response
+     signature against.
+     [Richard Levitte]
+
   *) Add new function BN_rand_range(), and fix DSA_sign_setup() to prevent
      Bleichenbacher's DSA attack.
      [Ulf Moeller, Bodo Moeller]
commit	9235adbf47cb5bd045742e762e3d17e31b2ed553	[log] [tgz]
author	Richard Levitte <levitte@openssl.org>	Thu Feb 08 17:59:29 2001 +0000
committer	Richard Levitte <levitte@openssl.org>	Thu Feb 08 17:59:29 2001 +0000
tree	938d855793a0f640b632b9a53e8de6f94a6aae48
parent	a71b5abfa4c5515fcfb5b69281e04cf620e0c66c [diff] [blame]