Jeffrey Altman wrote:
> CryptoAPI doesn't break EAR regulations because the strength
> of the crypto available to the application is strictly controlled
by
> Microsoft.
I wouldn't be so sure nobody is able to write sth. like Fortify
for Netscape. BTW: What about Netscape in such case?
Do you k
Hi all,
I know this is a thin report, but I'll give it a try anyway. I'm working on
a telnetd patch for the IETF draft STARTTLS spec using openssl. If I set up
openssl on the telnetd server with:
ctx = SSL_CTX_new(TLSv1_server_method());
or
ctx = SSL_CTX_new(TLSv1_method());
and then access thi
openssl rsa -inform DER -in file.der -out file.pem [-des|3des|...]
eric lannaud schrieb:
>
> Hi,
>
> How to convert a Private key in DER Format (binary file) to a PEM
> Format(ascii file)?
>
> Thank you for your help
> Eric
--
Holger Reif Tel.: +49 361 74707-0
SmartRing GmbH
Hi,
I'm trying to connect to a site with a self signed certificate. And I
get the below error message. I am able to correctly connect to other
secured sites...
Thanks in advance for the help.
8 /home/pziatek > openssl s_client -connect security.corp.sgi.com:443
-state
SSL_connect:before/connec
Matthias Liebetanz wrote:
>
> This error occured when I tried to make a server certificate:
>
> >OpenSSL> req -new -x509 -days 365 -key ca.key -out ca.crt
> >Using configuration from c:\openssl\openssl.cnf
> >Unable to load config info
> >Enter PEM pass phrase:
> >unable to find 'distinguished_n
Trickett Mark wrote:
>
> Please could you help we are urgently upgrading several and we are having
> trouble locating any Y2K compliance information for the following products
> :-
>
> Openssl - 1.03
That'll be because there isn't any. There isn't a version 1.03, either.
Paul Khavkine wrote:
>
> -BEGIN PGP SIGNED MESSAGE-
>
> OpenSSL is a continuatin of SSLeay project done initially in australia
> It is an SSL developpement toolkit NOT an apache module.
> If you want to get a SSL module for apache go to:
> http://www.modssl.org
or http://www.apache-ssl.
It seems like everyone is a lawyer here. If I had a code with crypto
stuff in it that I was considering distributing outside the US, I
would pass it by my company legal staff and have them decide whether
or not it was legal to export. Leave the legal opinions to the legal
experts, so that th
I was analyzing the RNG routines of OpenSSL, especially
those related with Windows environment, RAND_screen seeds
the random generator with the contents of the screen. It
seems to be a poor RNG.
Anybody has a better RNG for Windows?
Any ideas, suggestions, or help would be most appreciated.
Than
At 10:42 AM 10/7/99 -0400, Salz, Rich wrote:
> >I'd be very thankfull if you, or anyone, could point me to the text of
> >the law that actually forbids export of "crypto with a hole".
>
>However, that's all the past. The current regulations are pretty
>explicit. You can find them at
>http://www.
At 10:42 AM 10/7/99 -0400, Salz, Rich wrote:
> >I'd be very thankfull if you, or anyone, could point me to the text of
> >the law that actually forbids export of "crypto with a hole".
>
>However, that's all the past. The current regulations are pretty
>explicit. You can find them at
>http://www.
This error occured when I tried to make a server certificate:
>OpenSSL> req -new -x509 -days 365 -key ca.key -out ca.crt
>Using configuration from c:\openssl\openssl.cnf
>Unable to load config info
>Enter PEM pass phrase:
>unable to find 'distinguished_name' in config
>problems making Certificat
At 10:14 AM 10/7/99 +0100, Ben Laurie wrote:
> > IIRC, providing "hooks" to strong-crypto stuff is also considered the same
> > as providing strong-crypto itself, according to U.S. Idiocy^WLaw.
>
>Allegedly, it isn't illegal, but the spooks keep telling everyone it is.
>IANAL.
Dunno. Sendmail's n
openssl base64 -in -out -e
Mike
-Original Message-
From: eric lannaud [SMTP:[EMAIL PROTECTED]]
Sent: Thursday, October 07, 1999 10:38 AM
To: [EMAIL PROTECTED]
Subject:convert a DER format to PEM?
Hi,
How to convert a Private key in DER Format (binary file) to a PEM
Fo
Hi,
How to convert a Private key in DER Format (binary file) to a PEM
Format(ascii file)?
Thank you for your help
Eric
S/MIME Cryptographic Signature
From: Michal Trojnara <[EMAIL PROTECTED]>
> Jeffrey Altman wrote:
> > Calling OpenSSL (or any other API that encrypts messages) is
> > "crypto with a hole". This is illegal to export from the United
> > States.
>
> Realy? Do you explicitly call any non-export algortihm?
> I could understand K
Please could you help we are urgently upgrading several and we are having
trouble locating any Y2K compliance information for the following products
:-
Openssl - 1.03
netssl - 0.9.1c
Regards
Mark Trickett
ICL UK
__
Linux is the kernel which gives me the ability to use apache, but I
certainly wouldn't direct problems with apache to the linux-kernel mailing
list. Windows allows me to use Eudora, but I wouldn't call Microsoft with
questions about how Eudora works. (OK, fair enough, I wouldn't bother
trying
-BEGIN PGP SIGNED MESSAGE-
OpenSSL is a continuatin of SSLeay project done initially in australia
It is an SSL developpement toolkit NOT an apache module.
If you want to get a SSL module for apache go to:
http://www.modssl.org
Have a nice day
On Thu, 07 Oct 1999, you wrote:
> Hi all,
>BTW: If you're right then any software using Microsoft
>CryptoAPI breaks EAR regulations.
Wrong.
With CryptoAPI, the export control is done by limiting which
CSP's can be exported, not which applications.
__
OpenSSL Project
> Jeffrey Altman wrote:
> > Calling OpenSSL (or any other API that encrypts messages) is
> > "crypto with a hole". This is illegal to export from the United
> > States.
>
> Realy? Do you explicitly call any non-export algortihm?
> I could understand Kerberos, where DES was called,
> so DES call
On Thu, Oct 07, 1999 at 04:00:02PM +0200, Holger Reif wrote:
> Sendmail Inc. works (or even distributes) a commercial version of
> sendmail with advanced features, among them support for TLS
> negotiation. But of course, only availabkle within USA.
I checked their website and could not see it men
Jeffrey Altman wrote:
> Calling OpenSSL (or any other API that encrypts messages) is
> "crypto with a hole". This is illegal to export from the United
> States.
Realy? Do you explicitly call any non-export algortihm?
I could understand Kerberos, where DES was called,
so DES calls had to be remo
Hi Mike,
yes, you are on the wrong mailing-list.
Mike Bartlett wrote:
>
> I was under the impression that OpenSSL was an SSL mod
> to Apache BASED ON SSLEAY and hence should have its own method or
> similar method to getca. Any idea where getca is - should I install
> something else?
No. OpenS
>I'd be very thankfull if you, or anyone, could point me to the text of
>the law that actually forbids export of "crypto with a hole".
John Gilmore used to be able to make a convincing case that export control
of CWAH was illegal.
(My personal opinion is that the rules were vague enough to let th
At 02:16 AM 10/7/99 , Mike Bartlett wrote:
>Now, I am under the impression that OpenSSL gives Apache the ability to
>use SSL and hence use certificates - if I'm wrong could someone please
>correct me. If I'm not - how then am I on the wrong mailing list?
OpenSSL give you the SSL *libraries* - to
26 matches
Mail list logo
