Hello,
I think the person I spoke with might have thought about another set of signatures for an in-house identity provider. If that is the case then those signatures were probably generated by OpenSSL 1.0.2 and are OK.
I heard from another person today that the bad files were produced by the other primary identity provider we use, so we must support the
existing format. Now I really do not see any other solution but to either downgrade or fork OpenSSL.
On Wed, Apr 3, 2019 at 9:59 AM Matt Caswell <matt@xxxxxxxxxxx> wrote:
On 02/04/2019 17:34, Steffen wrote:
> Hello,
>
>> What had produced the signatures?
>
> I received word from my end that the signatures may have been produced by
> OpenSSL 1.0.2 (no idea which letter release) in the Cygwin environment but I
> cannot confirm this.
>
If that's the case, I'd really like to know what specific version and how the
signatures were generated (although it seems a little surprising if 1.0.2 is
creating these incorrect signatures that no-one else has encountered this, since
the commit in question went in over 2.5 years ago).
Matt
