Sortix 1.1dev ports manual
This manual documents Sortix 1.1dev ports. You can instead view this document in the latest official manual.
SXNET_NEW(3) | Library Functions Manual | SXNET_NEW(3) |
NAME
SXNET_new, SXNET_free, SXNETID_new, SXNETID_free, d2i_SXNET, i2d_SXNET, d2i_SXNETID, i2d_SXNETID — Thawte strong extranet X.509 extensionSYNOPSIS
#include <openssl/x509v3.h> SXNET *SXNET_new(void); void
SXNET_free(SXNET *sxnet); SXNETID *
SXNETID_new(void); void
SXNETID_free(SXNETID *sxnetid); SXNET *
d2i_SXNET(SXNET **val_out, const unsigned char **der_in, long length); int
i2d_SXNET(SXNET *val_in, unsigned char **der_out); SXNETID *
d2i_SXNETID(SXNETID **val_out, const unsigned char **der_in, long length); int
i2d_SXNETID(SXNETID *val_in, unsigned char **der_out);
DESCRIPTION
SXNET_new() allocates and initializes an empty SXNET object representing a non-standard proprietary Thawte strong extranet X.509 extension. SXNET_free() frees sxnet. SXNETID_new() allocates and initializes an empty SXNETID object. It is used inside SXNET. SXNETID_free() frees sxnetid. The remaining functions decode and encode these objects using DER format. For details about the semantics, examples, caveats, and bugs, see ASN1_item_d2i(3).RETURN VALUES
SXNET_new() and d2i_SXNET() return an SXNET object orNULL
if an error occurs.
SXNETID_new() and
d2i_SXNETID() return an
SXNETID object or
NULL
if an error occurs.
i2d_SXNET() and
i2d_SXNETID() return the number of bytes
successfully encoded or a negative value if an error occurs.
SEE ALSO
X509_EXTENSION_new(3), X509_new(3) M. Shuttleworth, The Strong Extranet: real-world personal certification, Thawte Consulting, South Africa, 1998.HISTORY
These functions first appeared in OpenSSL 0.9.3 and have been available since OpenBSD 2.6.BUGS
This manual page does not explain what the extension actually does because no authoritative information was found online so far. The only hint was found in an ancient white paper "Securing IBM Applications with Public Key Infrastructure" on the IBM website, dated June 13, 2001: "Thawte also has a technology called Strong Extranet that allows institutions to encode customer information in the extensions to their customer's certificates. Because multiple institutions can add information, the user needs only one certificate, making renewal and revocation simpler, although the issue of modifying an extension to an existing certificate is not addressed." It is unclear whether that explanation is accurate, but in any case, it is not very specific.March 21, 2018 | Debian |