From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Date: Sun, 4 Feb 2007 01:16:25 +0300 From: "Dmitry V. Levin" To: ALT Devel discussion list Message-ID: <20070203221625.GD15565@basalt.office.altlinux.org> Mail-Followup-To: ALT Devel discussion list References: <45B2CFF0.8050200@altlinux.org> <20070121121431.GC15171@basalt.office.altlinux.org> <45B3F4BC.5060801@altlinux.org> <20070121234749.GA31842@basalt.office.altlinux.org> <45B460AF.9020005@altlinux.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="OaZoDhBhXzo6bW1J" Content-Disposition: inline In-Reply-To: <45B460AF.9020005@altlinux.org> X-fingerprint: FE4C 93AB E19A 2E4C CB5D 3E4E 7CAB E6AC 9E35 361E Subject: Re: [devel] Q: SSL/TLS in ALT Linux X-BeenThere: devel@lists.altlinux.org X-Mailman-Version: 2.1.9rc1 Precedence: list Reply-To: ALT Devel discussion list List-Id: ALT Devel discussion list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 03 Feb 2007 22:16:25 -0000 Archived-At: List-Archive: List-Post: --OaZoDhBhXzo6bW1J Content-Type: text/plain; charset=koi8-r Content-Disposition: inline Content-Transfer-Encoding: quoted-printable =EF=C2=D3=D5=D6=C4=C5=CE=C9=C5 SSL/TLS policy =D3 =D0=D2=CF=DB=CC=CF=C7=CF = =CD=C5=D3=D1=C3=C1, =C3=C9=D4=C9=D2=D5=C0 =D0=CF=CC=CE=CF=D3=D4=D8=C0. On Mon, Jan 22, 2007 at 09:58:55AM +0300, Mikhail Yakshin wrote: > Dmitry V. Levin wrote: >=20 > >> =F0=D2=C5=C4=CC=C1=C7=C1=C0 =D3=C4=C5=CC=C1=D4=D8 =CE=C5=DE=D4=CF =D7= =D2=CF=C4=C5 SSL policy =C9 =DA=C1=CB=D2=C5=D0=C9=D4=D8 =D7 =CE=C5=CA =D0= =D2=C9=CD=C5=D2=CE=CF > >> =D3=CC=C5=C4=D5=C0=DD=C9=C5 =CF=D3=CE=CF=D7=CE=D9=C5 =D0=D5=CE=CB=D4= =D9: > >> > >> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D > >> > >> 1. =F3=D5=DD=C5=D3=D4=D7=D5=C5=D4 ALT root CA, =D0=D2=C9=CE=C1=C4=CC= =C5=D6=C1=DD=C9=CA =EF=EF=EF (=CB=C1=CB =C9 =D7=D3=C5 =CF=D3=D4=C1=CC=D8=CE= =D9=C5 > >> =CF=D3=CE=CF=D7=CE=D9=C5 =D0=CF=C4=D0=C9=D3=C9 =C9 =CB=CC=C0=DE=C9 =D0= =CF =D2=C5=D0=CF=DA=C9=D4=C1=D2=C9=D1=CD=C9 =C9 =D0=CF =D0=D2=CF=C5=CB=D4= =D5 =D7 =C3=C5=CC=CF=CD). > >=20 > > =F1 =D3=CF=CD=CE=C5=D7=C1=C0=D3=D8 =D7 =D4=CF=CD, =DE=D4=CF =D7=D3=A3 = =DC=D4=CF =D0=D2=C9=CE=C1=C4=CC=C5=D6=C9=D4 OOO. >=20 > =EB=CF=CD=D5 =D3=C5=CA=DE=C1=D3 =D0=D2=C9=CE=C1=C4=CC=C5=D6=C1=D4 GPG-=CB= =CC=C0=DE=C9, =CB=CF=D4=CF=D2=D9=CD=C9 =D0=CF=C4=D0=C9=D3=D9=D7=C1=C5=D4=D3= =D1 =D2=C5=D0=CF=DA=C9=D4=C1=D2=C9=CA, > =D0=C1=CB=C5=D4 openssl =C9 =DA=C1=DD=C9=DD=C1=C5=CD=D9=C5 =D3=C5=D2=D7= =C5=D2=C1 *.altlinux.*? =EB=C1=CB =DC=D4=CF =CC=D5=DE=DB=C5 > =D0=C5=D2=C5=C6=CF=D2=CD=D5=CC=C9=D2=CF=D7=C1=D4=D8? =F1 =CE=C5 =DA=CE=C1=C0, =CB=C1=CB =DC=D4=CF =CC=D5=DE=DB=C5 =D0=C5=D2=C5= =C6=CF=D2=CD=D5=CC=C9=D2=CF=D7=C1=D4=D8. =EE=D5=D6=CE=C1 =D0=CF=CD=CF=DD= =D8. > >> 1.1. =F3=C5=D2=D4=C9=C6=C9=CB=C1=D4 =C9=CD=C5=C5=D4 CN=3D<=D4=C1=CB=CF= =CA-=D4=CF>, OU=3D<=D4=C1=CB=CF=CA-=D4=CF>, O=3D<=D4=C1=CB=CF=CA-=D4=CF>, > >> C=3D<=D4=C1=CB=CF=CA-=D4=CF> (=C9 =D4.=D0.) > >> 1.2. =F3=D2=CF=CB =C4=C5=CA=D3=D4=D7=C9=D1 CA =D5=D3=D4=C1=CE=C1=D7=CC= =C9=D7=C1=C5=D4=D3=D1 =D7 =CC=C5=D4. > >=20 > > =E1 =CB=C1=CB=CF=CA =D3=D2=CF=CB =D1=D7=CC=D1=C5=D4=D3=D1 =D4=D2=C1=C4= =C9=C3=C9=CF=CE=CE=D9=CD? 3 =C7=CF=C4=C1? 5 =CC=C5=D4? >=20 > =EE=D5, =D7=CF=CF=C2=DD=C5, =C9=DA =D0=D2=C1=CB=D4=C9=CB=C9 - =D5 =CB=CF= =CD=CD=C5=D2=DE=C5=D3=CB=C9=C8 CA =DC=D4=CF=D4 =D3=D2=CF=CB =CF=DE=C5=CE=D8= =D3=C9=CC=D8=CE=CF > =CF=D4=CC=C9=DE=C1=C5=D4=D3=D1. =F7=CD=C5=CE=D1=C5=CD=D9=C5 =C9 =D3=C5=D2= =D8=C5=DA=CE=D9=C5 CA =C9=CD=C5=C0=D4 10 =CC=C5=D4, =C1 > =D3=D2=C5=C4=CE=C5=C5=D3=D4=C1=D4=C9=D3=D4=C9=DE=C5=D3=CB=C9=C5 - =C7=C4= =C5-=D4=CF =CF=D4 20 =CC=C5=D4, =C1 =D4=CF =C9 =D0=CF=C4 30. >=20 > =E2=CF=CC=D8=DB=C9=CE=D3=D4=D7=CF =D3=C1=CD=CF=D0=CF=C4=D0=C9=D3=C1=CE=CE= =D9=C8 =D3=C5=D2=D4=C9=C6=C9=CB=C1=D4=CF=D7 =C7=C5=CE=C5=D2=C9=D2=D5=C0=D4= =D3=D1 =DE=C1=D3=D4=CF =C4=CC=D1 =C7=C1=CC=CF=DE=CB=C9 > =C9 =C9=CD=C5=C0=D4 =C6=C1=CB=D4=C9=DE=C5=D3=CB=C9 =CE=C5=CF=C7=D2=C1=CE= =C9=DE=C5=CE=CE=D9=CA =D3=D2=CF=CB =C4=C5=CA=D3=D4=D7=C9=D1. >=20 > =F7 =D3=D7=CF=C5 =D7=D2=C5=CD=D1 Thawte =C9 VeriSign =CE=C1 =DC=D4=CF=CD = =CF=DE=C5=CE=D8 =D0=CF=C7=CF=D2=C5=CC=C9, =CB=CF=C7=C4=C1 =D7=D9=D0=D5=D3= =D4=C9=CC=C9 > =D3=D7=CF=C9 =D0=C5=D2=D7=D9=C5 =D3=C5=D2=D4=C9=C6=C9=CB=C1=D4=D9 =D3 =D0= =C5=D2=D7=D9=CD=C9 =D7=C5=D2=D3=C9=D1=CD=C9 Netscape =CE=C1 5 =C9=CC=C9 =CE= =C1 7 =CC=C5=D4, > =CB=C1=D6=C5=D4=D3=D1 - =C9 =D0=CF=D4=CF=CD =D7=C4=D2=D5=C7 =D3=D4=CF=CC= =CB=CE=D5=CC=C9=D3=D8 =D3 =D4=C5=CD, =DE=D4=CF =D3=C5=D2=D4=C9=C6=C9=CB=C1= =D4 =D5=D6=C5 =CB=CF=CE=DE=C1=C5=D4=D3=D1, > =C1 =CD=C1=D3=D3=C1 =CE=C1=D2=CF=C4=C1 =CE=C5 =CF=C2=CE=CF=D7=CC=D1=CC=CF= =C2=D2=C1=D5=DA=C5=D2=D9 =D3 =D4=C5=C8 =D0=CF=D2 =C9, =D7=CF=CF=C2=DD=C5 = =C7=CF=D7=CF=D2=D1, =CB=C1=CB-=D4=CF > =CE=C5 =CF=D3=CF=C2=C5=CE=CE=CF =D0=CC=C1=CE=C9=D2=D5=C5=D4 =CF=C2=CE=CF= =D7=CC=D1=D4=D8. >=20 > =F2=C5=C7=C5=CE=C5=D2=C1=C3=C9=D1 =D3=C5=D2=D4=C9=C6=C9=CB=C1=D4=C1 CA - = =C4=C1=D6=C5 =C4=CC=D1 =CE=C1=D3 - =D1 =D4=C1=CB =D0=CF=CE=C9=CD=C1=C0, =DC= =D4=CF =C4=CF=D7=CF=CC=D8=CE=CF > =CE=C5=D4=D2=C9=D7=C9=C1=CC=D8=CE=D9=CA =CE=C1=C2=CF=D2 =C4=C5=CA=D3=D4= =D7=C9=CA (=C5=D3=CC=C9 =D4=CF=CC=D8=CB=CF =CE=C5 =D0=D2=C9=C4=D5=CD=C1=D4= =D8 =CE=C5=CB=C9=CA =CD=C1=CB=D2=CF=D3 =D7 > RPM, =CB=CF=D4=CF=D2=D9=CA =C2=D9 =C4=CF=C2=C1=D7=CC=D1=CC =C5=C7=CF =C1= =D7=D4=CF=CD=C1=D4=C9=DE=C5=D3=CB=C9 - =D4=CF=C7=C4=C1 =CD=CF=D6=CE=CF =C2= =D9=CC=CF =C2=D9 > =D0=C5=D2=C5=D3=CF=C2=C9=D2=C1=D4=D8 =D7=D3=C5 =CE=D5=D6=CE=D9=C5 =D0=C1= =CB=C5=D4=D9 =D2=CF=C2=CF=D4=CF=CD =C9 =D7=D3=C5), =C1 =C4=CC=D1 =CB=CF=CD= =CD=C5=D2=DE=C5=D3=CB=C9=C8 CA - > =D4=C1=CB =D3=CF=D7=D3=C5=CD =CE=C5=D0=CF=C4=DF=C5=CD=CE=C1=D1 =DA=C1=C4= =C1=DE=C1. >=20 > =F4=C1=CB =DE=D4=CF, =C4=D5=CD=C1=C0, =D2=C1=DA=D5=CD=CE=D9=CD =C2=D5=C4= =C5=D4 =D5=D3=D4=C1=CE=CF=D7=C9=D4=D8 =DC=D4=CF=D4 =D3=D2=CF=CB =D7 10 =CC= =C5=D4 =C9 =D0=D2=C9=C4=D5=CD=C1=D4=D8 > =CE=C5=CB=D5=C0 =CF=C2=D7=D1=DA=CB=D5, =CB=CF=D4=CF=D2=C1=D1 =C2=D9 =D0= =CF=DA=D7=CF=CC=C9=CC=C1 =D7=D3=C5 =D0=C1=CB=C5=D4=D9, =CE=CF=D3=D1=DD=C9= =C5 =D7 =D3=C5=C2=C5 =DC=D4=CF=D4 > =D3=C5=D2=D4=C9=C6=C9=CB=C1=D4 =C2=D9=D3=D4=D2=CF =D0=C5=D2=C5=D3=CF=C2= =D2=C1=D4=D8? OK, =D0=D5=D3=D4=D8 =C2=D5=C4=C5=D4 10 =CC=C5=D4, =D4=CF=C7=C4=C1 =D4=CF=D2= =CF=D0=C9=D4=D8=D3=D1 =D3 =CF=C2=D7=D1=DA=CB=CF=CA =CE=C5 =D0=CF=D4=D2=C5= =C2=D5=C5=D4=D3=D1. :) > >> 1.3. =E5=C7=CF =D0=CF=C4=C4=C5=D2=D6=C1=CE=C9=C5=CD, =D2=C5=C7=C5=CE= =C5=D2=C1=C3=C9=C5=CA, =D7=D9=D0=C9=D3=D9=D7=C1=CE=C9=C5=CD =D3=C5=D2=D4=C9= =C6=C9=CB=C1=D4=CF=D7 > >> =DA=C1=CE=C9=CD=C1=C5=D4=D3=D1 <=D7=C9=C4=C9=CD=CF, =CB=D4=CF-=D4=CF = =C9=DA =D3=D5=D0=D0=CF=D2=D4=C1?> > >=20 > > =FC=D4=CF =CD=D9 =D5=D6=C5 =D0=D2=CF=C8=CF=C4=C9=CC=C9. =EB =D3=CF=D6= =C1=CC=C5=CE=C9=C0, =D7 =D3=D5=D0=D0=CF=D2=D4=C5 =C4=CC=D1 =DC=D4=CF=C7=CF = =D3=CC=C9=DB=CB=CF=CD =CE=C9=DA=CB=C1=D1 > > =CD=C5=D2=C1 =CF=D4=D7=C5=D4=D3=D4=D7=C5=CE=CE=CF=D3=D4=C9. =E4=D5=CD= =C1=C0 =DE=D4=CF security@altlinux =C4=CC=D1 =DC=D4=CF=C7=CF =CC=D5=DE=DB=C5 > > =D0=CF=C4=C8=CF=C4=C9=D4. >=20 > =F3=CF=C7=CC=C1=D3=C5=CE. OK > >> 1.4. =F2=C5=C7=C5=CE=C5=D2=C1=C3=C9=D1 =C4=C5=CC=C1=C5=D4=D3=D1 =DA=C1= <=D0=CF=CC=C7=CF=C4=C1> =C4=CF =CF=CB=CF=CE=DE=C1=CE=C9=D1 =D3=D2=CF=CB=C1= =C4=C5=CA=D3=D4=D7=C9=D1 > >> =CF=DE=C5=D2=C5=C4=CE=CF=C7=CF =CF=D3=CE=CF=D7=CE=CF=C7=CF CA: =C7=C5= =CE=C5=D2=C9=D2=D5=C5=D4=D3=D1 =CE=CF=D7=D9=CA =D3=C5=D2=D4=C9=C6=C9=CB=C1= =D4 =C9 =D7 =DC=D4=C9 =D0=CF=CC=C7=CF=C4=C1 > >> =D7=D3=C5 =CE=CF=D3=D1=D4 2 =D3=C5=D2=D4=C9=C6=C9=CB=C1=D4=C1. =F3=D4= =C1=D2=D9=CA =D3=C5=D2=D4=C9=C6=C9=CB=C1=D4 =D7=D9=CB=C9=C4=D9=D7=C1=C5=D4= =D3=D1 =CF=D4=CF=D7=D3=C0=C4=D5 =D0=CF > >> =D7=CF=DA=CD=CF=D6=CE=CF=D3=D4=C9, =CB=C1=CB =C5=C7=CF =D3=D2=CF=CB = =C4=C5=CA=D3=D4=D7=C9=D1 =D3=CF=D7=D3=C5=CD =DA=C1=CB=C1=CE=DE=C9=D7=C1=C5= =D4=D3=D1. > >=20 > > =F3=D5=C4=D1 =D0=CF =CF=D0=D9=D4=D5 =DA=C1=CD=C5=CE=D9 gpg-=CB=CC=C0=DE= =C5=CA, =D0=CF=CC=C7=CF=C4=C1 =C2=D5=C4=C5=D4 =CD=C1=CC=CF. =EC=D5=DE=DB= =C5 =C5=D3=CC=C9 =C7=CF=C4. >=20 > =F3=CF=C7=CC=C1=D3=C5=CE. OK > >> 1.5. =F3=C5=D2=D4=C9=C6=C9=CB=C1=D4 =D7=D3=C5=C7=C4=C1 =C4=CF=D3=D4=D5= =D0=C5=CE =C4=CC=D1 =D3=CB=C1=DE=C9=D7=C1=CE=C9=D1 =D3 > >> , =C1 =D4=C1=CB=D6=C5 =D7 =D0=C1=CB=C5=D4=C5= openssl (=C9=DA =D4=C5=C8 > >> =D3=CF=CF=C2=D2=C1=D6=C5=CE=C9=CA, =DE=D4=CF =CF=CE =D5 =CE=C1=D3 =CE= =C1=C9=C2=CF=CC=C5=C5 =D3=C9=D3=D4=C5=CD=CF=CF=C2=D2=C1=DA=D5=C0=DD=C9=CA). > >> > >> 2. =F7=D3=C5 https-=D3=C5=D2=D7=C5=D2=D9 =C9 XMMP-=D3=C5=D2=D7=C5=D2= =D9 ALT (=CB=C1=CB =CD=C9=CE=C9=CD=D5=CD, =D0=C5=D2=C5=DE=C9=D3=CC=C5=CE=CE= =D9=C5 =D7 > >> gory details =D7 =D0=C5=D2=D7=CF=CD =D0=C9=D3=D8=CD=C5) =C9=D3=D0=CF= =CC=D8=DA=D5=C0=D4 =D3=C5=D2=D4=C9=C6=C9=CB=C1=D4=D9, =D7=D9=D0=C9=D3=C1=CE= =CE=D9=C5 =DC=D4=C9=CD > >> ALT root CA. > >> > >> 2.1. =F3=C5=D2=D4=C9=C6=C9=CB=C1=D4=D9 =C4=CF=CC=D6=CE=D9 =C9=CD=C5=D4= =D8 =CB=CF=D2=D2=C5=CB=D4=CE=CF =D5=D3=D4=C1=CE=CF=D7=CC=C5=CE=CE=D9=C5, = =D7 =D4=CF=CD =DE=C9=D3=CC=C5, > >> =CE=C1=D0=D2=C9=CD=C5=D2, =D0=D2=C1=D7=C9=CC=D8=CE=D9=CA CN. > >> 2.2. =F4.=CB. =C5=D3=D4=D8, =CB=C1=CB =CD=C9=CE=C9=CD=D5=CD, 3 =C4=CF= =CD=C5=CE=C1 (altlinux.org, altlinux.ru, > >> altlinux.com), =D7=C9=C4=C9=CD=CF, =CE=C1 =CB=C1=D6=C4=D9=CA =D3=C5=D2= =D7=C9=D3 =CE=D5=D6=CE=CF =D7=D9=D0=C9=D3=D9=D7=C1=D4=D8 3 =D3=C5=D2=D4=C9= =C6=C9=CB=C1=D4=C1. > >=20 > > =F4=CF=DE=CE=C5=C5 =C7=CF=D7=CF=D2=D1, =CE=C1 =CB=C1=D6=C4=D9=CA =D0=CF= =C4=C4=C5=D2=D6=C9=D7=C1=C5=CD=D9=CA =DC=D4=C9=CD =D3=C5=D2=D7=C9=D3=CF=CD = =C4=CF=CD=C5=CE. >=20 > =F3=CF=C7=CC=C1=D3=C5=CE. OK > >> 2.3. =F4=C1=CD, =C7=C4=C5 https =CF=C2=DF=C5=CB=D4=C9=D7=CE=CF =CE=C5 = =CE=D5=D6=C5=CE - =C5=C7=CF =D7=CF=CF=C2=DD=C5 =C2=D9=D4=D8 =CE=C5 =C4=CF= =CC=D6=CE=CF, 443 > >> =D0=CF=D2=D4 =DA=C1=CB=D2=D9=D4. > >=20 > > =ED=CE=C5 =CB=C1=D6=C5=D4=D3=D1, =DE=D4=CF =DC=D4=CF =D4=D2=C5=C2=CF=D7= =C1=CE=C9=C5 =C2=CF=CC=C5=C5 =D5=CE=C9=D7=C5=D2=D3=C1=CC=D8=CE=CF, =DE=C5= =CD SSL policy. >=20 > =EE=D5, =D4=C5=CD =CE=C5 =CD=C5=CE=C5=C5 - =EE=D5 =C8=CF=D2=CF=DB=CF, =D0=D5=D3=D4=D8 =C2=D5=C4=C5=D4. > >> 3. =F7=D3=C5 =DE=CC=C5=CE=D9 =CB=CF=CD=C1=CE=C4=D9 ALT =C9=CD=C5=C0=D4= =D0=D2=C1=D7=CF =D0=CF=D0=D2=CF=D3=C9=D4=D8 =DA=C1=D7=C5=D2=C5=CE=CE=D9=C5= =DC=D4=C9=CD CA > >> =D3=C5=D2=D4=C9=C6=C9=CB=C1=D4=D9 =D7 =CC=C0=C2=CF=CD =CB=CF=CC=C9=DE= =C5=D3=D4=D7=C5 =C4=CC=D1 =D3=D7=CF=C9=C8 =CC=C9=DE=CE=D9=C8 =CE=D5=D6=C4. > >=20 > > =FC=D4=CF =D5=D4=D7=C5=D2=D6=C4=C5=CE=C9=C5 =CE=C1=C4=CF =D0=C5=D2=C5= =C6=CF=D2=CD=D5=CC=C9=D2=CF=D7=C1=D4=D8 =D4=C1=CB=C9=CD =CF=C2=D2=C1=DA=CF= =CD, =DE=D4=CF=C2=D9 =C9=D3=CB=CC=C0=DE=C9=D4=D8 > > =CE=C5=D0=D2=C1=D7=C9=CC=D8=CE=D5=C0 =D4=D2=C1=CB=D4=CF=D7=CB=D5, =CE= =C1=D0=D2. =D2=CF=D3=D4 =CB=CF=CC=C9=DE=C5=D3=D4=D7=C1 =D3=C5=D2=D4=C9=C6= =C9=CB=C1=D4=CF=D7 =D7 > > =C7=C5=CF=CD=C5=D4=D2=C9=DE=C5=D3=CB=CF=CA =D0=D2=CF=C7=D2=C5=D3=D3=C9= =C9. >=20 > =E4=C1 =D7 =CF=C2=DD=C5=CD - =C9 =D7 =C7=C5=CF=CD=C5=D4=D2=C9=DE=C5=D3=CB= =CF=CA - =D1 =CE=C9=DE=C5=C7=CF =CF=D3=CF=C2=C5=CE=CE=CF =D3=D4=D2=C1=DB=CE= =CF=C7=CF =CE=C5 =D7=C9=D6=D5. > =E5=D3=CC=C9 =C2=D5=C4=C5=D4 =CE=C5=CF=C2=C8=CF=C4=C9=CD=CF=D3=D4=D8 =D7= =D9=D0=C9=D3=D9=D7=C1=D4=D8 =C9=C8 =D4=D9=D3=D1=DE=C1=CD=C9 - =C4=CC=D1 =DC= =D4=CF=C7=CF =C5=D3=D4=D8 > =D7=D3=C5=D7=CF=DA=CD=CF=D6=CE=D9=CA =C2=CF=CC=C5=C5-=CD=C5=CE=C5=C5 =D3= =D7=CF=C2=CF=C4=CE=D9=CA =D3=CF=C6=D4 (=D7=D3=D1=CB=C9=C5 http://www.openca= .info/, > http://pki.openca.org/ =C9 =D4.=D0.), =D3=D4=C1=CE=C4=C1=D2=D4=CE=C1=D1 = =D0=D2=CF=C3=C5=C4=D5=D2=C1 - =DA=C1=D0=D2=CF=D3 > =D3=C5=D2=D4=C9=C6=C9=CB=C1=D4=C1 - =D7=D9=D0=C9=D3=D9=D7=C1=CE=C9=C5 =D3= =C5=D2=D4=C9=C6=C9=CB=C1=D4=C1. OK > >> ALT Linux TLS policy =C4=CF=D3=D4=D5=D0=CE=C1 =CE=C1 http:// > >=20 > > SSL policy =C9=CC=C9 TLS policy? :) >=20 > =F7=CF=CF=C2=DD=C5 - =CC=D5=DE=DB=C5 =C9=D3=D0=CF=CC=D8=DA=CF=D7=C1=D4=D8= =D4=C5=D2=CD=C9=CE TLS, =CF=CE =D0=CF=CC=CE=CF=D3=D4=D8=C0 =DA=C1=CD=C5=CE= =C9=CC =D3=CF=C2=CF=CA SSL > =C5=DD=C5 =D7 1999 =C7=CF=C4=D5. >=20 > http://en.wikipedia.org/wiki/Transport_Layer_Security#History_and_develop= ment =F4=CF=CC=D8=CB=CF =C1=C2=C2=D2=C5=D7=C9=C1=D4=D5=D2=C1 SSL =D7=D3=A3 =C5= =DD=A3 =C2=CF=CC=C5=C5 =D2=C1=D3=D0=D2=CF=D3=D4=D2=C1=CE=C5=CE=C1. =F4=CF= =C7=C4=C1 =CD=CF=D6=C5=D4 SSL/TLS? > >> 5.2. =EF=D4=D3=D5=D4=D3=D4=D7=C9=D1 =D4=C1=CB=CF=C7=CF =D4=C5=CB=D3=D4= =C1 - bug. > >> > >> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D > >> > >> =EF=CE=CF =D6=C5 =DA=C1=CB=C9=CE=D5=D4=CF =CE=C1 http://www.freesource= .info/wiki/Altlinux/Policy/TLS > >> > >> =F0=D2=CF=DB=D5 =D0=CF=CD=CF=DE=D8 =D7=D0=C9=D3=C1=D4=D8 =DA=CE=C1=DE= =C5=CE=C9=D1 =D7 <...> =C9 =D7=D9=D3=CB=C1=DA=C1=D4=D8=D3=D1 =CE=C1=D3=DE= =C5=D4 =CF=C2=DD=C5=C7=CF > >> =D7=C9=C4=C5=CE=C9=D1 =D7=CF=DA=CD=CF=D6=CE=CF=D3=D4=C9 =D0=D2=C9=CE= =D1=D4=C9=D1 =D4=C1=CB=CF=CA policy. > >=20 > > =EE=C5 =D7=C9=D6=D5 =D0=D2=C9=CE=C3=C9=D0=C9=C1=CC=D8=CE=D9=C8 =D4=D2= =D5=C4=CE=CF=D3=D4=C5=CA. >=20 > =E8=CF=D2=CF=DB=CF, =D4=CF=C7=C4=C1, =CE=C1=D3=CB=CF=CC=D8=CB=CF =D1 =D0= =CF=CE=C9=CD=C1=C0 - =CE=C1=C4=CF =C4=CF=D2=C5=DB=C1=D4=D8 =D7=CF=D0=D2=CF= =D3=D9 =D3 > =C6=CF=D2=CD=D5=CC=C9=D2=CF=D7=CB=C1=CD=C9 =C9 =CD=CF=D6=CE=CF =D3=C4=C5= =CC=C1=D4=D8 =D0=C5=D2=D7=D9=C5 =DB=C1=C7=C9: >=20 > 1. =F3=C7=C5=CE=C5=D2=C9=D2=CF=D7=C1=D4=D8 =DC=D4=CF=D4 =D3=C1=CD=D9=CA r= oot CA > 2. =F0=CF=CC=CF=D6=C9=D4=D8 =C5=C7=CF =D7 =D0=C1=CB=C5=D4 openssl OK, =DC=D4=CF =D1 =D3=C4=C5=CC=C1=C0. > 3. =F7=D9=D0=C9=D3=C1=D4=D8 =CE=D5=D6=CE=D9=C5 =D3=C5=D2=D4=C9=C6=C9=CB= =C1=D4=D9 =CE=C1 =D3=C5=D2=D7=C5=D2=D9 *.altlinux.* =C9 =D2=C1=DA=CC=CF=D6= =C9=D4=D8 =C9=C8 > =C7=C4=C5 =CE=D5=D6=CE=CF =FC=D4=CF, =D7=C9=C4=C9=CD=CF, =D4=CF=D6=C5 =CD=CE=C5 =D0=D2=C9=C4=A3=D4=D3= =D1 =C4=C5=CC=C1=D4=D8, =D0=D2=C9 =D3=CF=C4=C5=CA=D3=D4=D7=C9=C9 =C1=C4=CD= =C9=CE=C9=D3=D4=D2=C1=D4=CF=D2=CF=D7 =D3=CF=CF=D4=D7=C5=D4=D3=D4=D7=D5=C0=DD=C9=C8 =D3=C1=CA=D4=CF=D7. > 4. =F7=D7=C5=D3=D4=C9 policy =D7 =C4=C5=CA=D3=D4=D7=C9=C5 =EB=C1=CB =D5 =CE=C1=D3 =D0=D2=C9=CE=D1=D4=CF =D7=D7=CF=C4=C9=D4=D8 policy = =D7 =C4=C5=CA=D3=D4=D7=C9=C5? --=20 ldv --OaZoDhBhXzo6bW1J Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iD8DBQFFxQm5fKvmrJ41Nh4RAn1eAKCzypMnN7I4aci2cvWf4rILR5BDVgCfSnDR AwuYjfGaijzeFfe8LqDkdPI= =kwRu -----END PGP SIGNATURE----- --OaZoDhBhXzo6bW1J--