[Info-vax] New OpenSSL update from HP
RobertsonEricW
robertsonericw at netzero.net
Sun Jun 14 20:22:00 EDT 2015
On Sunday, June 14, 2015 at 7:47:10 PM UTC-4, Stephen Hoffman wrote:
> Then there's that more than a few folks don't really understand how
> certificates and DH and the rest work, and there's absolutely no
> integration with OpenVMS at present -- there are four different
> certificate stores commonly encountered, if not more. (CDSA, OpenSSL,
> ssh and sshd, Apache, and probably some others.)
>
Yes. This multiplication of certificate stores needs to start being constrained. This so that the maintenance of the software that uses, stores, or originates certificates is simplified amongst all of the various software that routinely perform these certificate operations. As you point out this particular problem is not OpenVMS specific. Though, outside of OpenVMS, I am not aware of any other software of recent vintage that uses CDSA for certificate processing, storage or origination. So, at some point in the future of OpenVMS, CDSA will likely need to be deprecated to consolidate the state of software on OpenVMS as well as the software originated from the Open Source quarters.
More information about the Info-vax
mailing list