Diffstat (limited to 'doc')
-rw-r--r-- | doc/cha-bib.texi | 6
-rw-r--r-- | doc/cha-tokens.texi | 7
2 files changed, 13 insertions, 0 deletions
diff --git a/doc/cha-bib.texi b/doc/cha-bib.texi index b99afce4ef..9acc86cce5 100644 --- a/doc/cha-bib.texi +++ b/doc/cha-bib.texi @@ -113,6 +113,12 @@ E. Rescorla, M. Ray, S. Dispensa, and N. Oskov, "Transport Layer Security (TLS) Renegotiation Indication Extension", February 2010, available from @url{http://www.ietf.org/rfc/rfc5746}. +@item @anchor{RFC5280}[RFC5280] +D. Cooper, S. Santesson, S. Farrell, S. Boeyen, R. Housley, and +W. Polk, "Internet X.509 Public Key Infrastructure Certificate and +Certificate Revocation List (CRL) Profile", May 2008, available from +@url{http://www.ietf.org/rfc/rfc5280}. + @item @anchor{TLSTKT}[TLSTKT] Joseph Salowey, Hao Zhou, Pasi Eronen, Hannes Tschofenig, "Transport Layer Security (TLS) Session Resumption without Server-Side State", diff --git a/doc/cha-tokens.texi b/doc/cha-tokens.texi index 444927f952..88dbc40ef7 100644 --- a/doc/cha-tokens.texi +++ b/doc/cha-tokens.texi @@ -88,6 +88,13 @@ Additional functions are available that will return information over a public key, as well as a function that given a public key fingerprint would provide a memorable sketch. +The key_id and random_art functions are based on an SHA1 digest of the +the public key canonicalized as a DER-formatted, ASN.1-encoded +subjectPublicKeyInfo object. This is different from the ``common +method'' described by section 4.2.1.2 of @xcite{RFC5280} in that +GnuTLS includes the algorithmIdentifier (algorithm plus parameters) in +addition to the raw key material itself. + @showfuncD{gnutls_pubkey_get_pk_algorithm,gnutls_pubkey_get_preferred_hash_algorithm,gnutls_pubkey_get_key_id,gnutls_random_art} To export the key-specific parameters, or obtain a unique key ID the following functions are provided. |
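Review bot: In the doc/cha-tokens.texi hunk the added paragraph has a doubled word: the first added line ends "an SHA1 digest of the" and the next begins "the public key canonicalized", so one "the" should go. The paragraph also says "The key_id and random_art functions" where the @showfuncD line directly below names gnutls_pubkey_get_key_id and gnutls_random_art; writing those names in @code{} would tie the text to the functions it documents. Because the paragraph says the digest covers the whole subjectPublicKeyInfo rather than following the "common method" of section 4.2.1.2, consider adding a sentence that the resulting key ID will therefore not equal an identifier computed by that method over the same key, since that is the practical consequence a reader comparing identifiers will hit.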