DragonFly On-Line Manual Pages

Search: Section:  


SXNET_NEW(3)          DragonFly Library Functions Manual          SXNET_NEW(3)

NAME

SXNET_new, SXNET_free, SXNETID_new, SXNETID_free, d2i_SXNET, i2d_SXNET, d2i_SXNETID, i2d_SXNETID - Thawte strong extranet X.509 extension

SYNOPSIS

#include <openssl/x509v3.h> SXNET * SXNET_new(void); void SXNET_free(SXNET *sxnet); SXNETID * SXNETID_new(void); void SXNETID_free(SXNETID *sxnetid); SXNET * d2i_SXNET(SXNET **val_out, const unsigned char **der_in, long length); int i2d_SXNET(SXNET *val_in, unsigned char **der_out); SXNETID * d2i_SXNETID(SXNETID **val_out, const unsigned char **der_in, long length); int i2d_SXNETID(SXNETID *val_in, unsigned char **der_out);

DESCRIPTION

SXNET_new() allocates and initializes an empty SXNET object representing a non-standard proprietary Thawte strong extranet X.509 extension. SXNET_free() frees sxnet. SXNETID_new() allocates and initializes an empty SXNETID object. It is used inside SXNET. SXNETID_free() frees sxnetid. The remaining functions decode and encode these objects using DER format. For details about the semantics, examples, caveats, and bugs, see ASN1_item_d2i(3).

RETURN VALUES

SXNET_new() and d2i_SXNET() return an SXNET object or NULL if an error occurs. SXNETID_new() and d2i_SXNETID() return an SXNETID object or NULL if an error occurs. i2d_SXNET() and i2d_SXNETID() return the number of bytes successfully encoded or a negative value if an error occurs.

SEE ALSO

X509_EXTENSION_new(3), X509_new(3) M. Shuttleworth, The Strong Extranet: real-world personal certification, Thawte Consulting, South Africa, 1998.

HISTORY

These functions first appeared in OpenSSL 0.9.3 and have been available since OpenBSD 2.6.

BUGS

This manual page does not explain what the extension actually does because no authoritative information was found online so far. The only hint was found in an ancient white paper "Securing IBM Applications with Public Key Infrastructure" on the IBM website, dated June 13, 2001: "Thawte also has a technology called Strong Extranet that allows institutions to encode customer information in the extensions to their customer's certificates. Because multiple institutions can add information, the user needs only one certificate, making renewal and revocation simpler, although the issue of modifying an extension to an existing certificate is not addressed." It is unclear whether that explanation is accurate, but in any case, it is not very specific. DragonFly 5.7-DEVELOPMENT March 21, 2018 DragonFly 5.7-DEVELOPMENT

Search: Section: