Unless we're missing something very badly (always
a possibility), Verisign is still the key player in
the server side certificate market, with Thawte
next up. There are a number of smaller up and
coming CAs out there as well - we've been publishing
stats on the pentration of CAs, and SSL as a whol
Hi
I'd like to post some stuff to a https server from a perl script
using client cert secured SSL v3 connections. At the moment everything
works with server cert SSL v2 but I have no idea how to switch to
SSL v3. How do I tell my script which cert file to use and which
password is needed to use
At 01:08 PM 11/30/99 , you wrote:
>"Leland V. Lammert" <[EMAIL PROTECTED]> writes:
> > 1) Purchase an Apache like Stronghold (at $1K+ not an option for a small company).
>Completely legal in the US?
>Frankly, I find this baffling. I work for a small company (two people)
>and we bought well over 3
Andrew Cooke <[EMAIL PROTECTED]> writes:
> This isn't quite true - you can compile OpenSSL to be copyright free.
You mean without the patented algrorithms, presumably? (i.e., "patent
free" not "copyright free".) The code is still copyright, but the
copyright looks pretty liberal (and wouldn't
Does anybody know why both IE and Netscape browser implement exclusively RSA
certificates?
My feeling is that Microsoft and Netscape both made a deal with RSA Security
to get a "low" price RSA license at the condition of not implementing DSA.
Nicolas Roumiantzeff.
-Message d'origine-
De
Here's another couple options:
1) www.thwaite.com
2) co-locate with a hosting company not in the USA.
On Mon, 29 Nov 1999 09:59:14 -0600, Leland V. Lammert wrote:
>At 03:54 AM 11/24/99 , you wrote:
>
>>Didn't mean for this to run on so, but it's now the wee hours of
>>a holiday
>
> I'm using openssl version 0.9.4 and have an odd problem. I can make a
> valid SSL connection every other time that I run my app (this happens on
>
> both win32 and Solaris). I have debugged down into the ssl library and
> find that when it fails, it fails in the get_server_hello() function
At 07:59 AM 11/29/99 , Leland V. Lammert wrote:
>I, for one, would be most interested if you can comment on (or add to) the
>following options as I see them for a US based company that wishes to
>build a SSL-based web server:
>
>1) Purchase an Apache like Stronghold (at $1K+ not an option for a
> From: Arne Coucheron <[EMAIL PROTECTED]>
> Date: 30 Nov 1999 02:15:06 +0100
>
> I have a fixed rpm package available at
>
> ftp://ftp.sol.no/public/users/a/arneco/linux/>
Many Thanks!
-- Mark
__
OpenSSL Project
"Leland V. Lammert" <[EMAIL PROTECTED]> writes:
> 1) Purchase an Apache like Stronghold (at $1K+ not an option for a small company).
>Completely legal in the US?
Frankly, I find this baffling. I work for a small company (two people)
and we bought well over 3K in computers and software last year.
Dr Stephen Henson wrote:
> Andrew Cooke wrote:
> > However, it seems to me that it would be better if the verifier had only
> > the root CA certificate, and the verifiee supplied not just its
> > certificate, but the intermediate certs in the chain. In this way, the
> > verifier would not need
This isn't quite true - you can compile OpenSSL to be copyright free.
However, as far as I know (and my knowledge is a bit out-of-date, so
this may have changed), this then leaves SSL with cipher suites which
are not supported by the common browsers. So you can only write secure
applications tha
12 matches
Mail list logo
