by jgaa 686 days ago
My "issue" with X509 is that it's hard to create certificates in code. I have not seen a single software package I use do it from scratch. They always use a library.

The X509 library functions in openssl are horrific, with plenty of opportunities to mess up.

It's a paradox that something that is designed to improve security is designed in a way that makes it extremely hard to implement it in a clean and secure manner.

1 comments

Not “from scratch”, but the Go standard library contains very easy-to-use functions around requests, certificates, keys and CRLs. OpenSSL is a different story of course and it is unfortunate that so many ecosystems just wrap it.
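
To illustrate the Go standard-library route mentioned in the comment above, here is an added example (not code from either commenter or from the Go project) that issues a short-lived self-signed server certificate and then verifies it for a host name. The helper names `newSelfSignedCert` and `verifyFor` and the host `svc.example.test` are assumptions made for the example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"fmt"
	"math/big"
	"time"
)

// newSelfSignedCert (hypothetical helper) issues a short-lived self-signed leaf for host.
func newSelfSignedCert(host string, validFor time.Duration) ([]byte, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	serial, err := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 128)) // random, not a counter
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: serial,
		DNSNames:     []string{host}, // Go's verifier matches the SAN, not the Subject CN
		NotBefore:    time.Now().Add(-time.Minute),
		NotAfter:     time.Now().Add(validFor),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key) // tmpl as its own parent: self-signed
	return der, key, err
}

// verifyFor parses the DER and checks it for host, trusting only the cert itself.
func verifyFor(der []byte, host string) error {
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		return err
	}
	roots := x509.NewCertPool()
	roots.AddCert(cert)
	_, err = cert.Verify(x509.VerifyOptions{DNSName: host, Roots: roots})
	return err
}

func main() {
	der, _, err := newSelfSignedCert("svc.example.test", time.Hour)
	fmt.Println(len(der), err, verifyFor(der, "svc.example.test"))
}
```

The returned DER bytes can be wrapped in a `CERTIFICATE` PEM block with `encoding/pem`; the private key stays in memory unless the caller chooses to serialize it.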