Re: Suggestions for the password storing

2004-08-09 Thread Joseph Bruni
In a user's brain. Any file that is readable by the system is, well, readable, therefore is only as secure as the OS can make it. On OS X you could use the Keychain Services to store your password in an encrypted database, available via an API. This is available as Open Source if you're interes

question about TLS bytestream order

2004-08-09 Thread weijun jiang
Hi all, I like to know which spec specifies the byte order for the TLS data stream? For example, in the section A.1 (Record Layer) of RFC 2246, it shows the ProtocolVersion before the ContentType. But the openSSL seems sending the value of the ContentType before the value of ProtocolVersion in th

Re: mutual authentication

2004-08-09 Thread Tan Eng Ten
I think this is OpenSSL's mailing list and not JSSE :) (B (BAnyway, my quick guess is probably you need to add the "-trustcacert" (Boption when doing the Java's keytool import. (B (BCheers (B (B[EMAIL PROTECTED] wrote: (B> Hi! (B> (B> I have the following problem in mutual authentication

Random number seed in RSA

2004-08-09 Thread Joe smith
Hi, I have a snippet that encrypts/decrypts using RSA.   #include #include #include // RSATest: Program illustrating Simple RSA Encryption/Decryption int main() { char *plain="Sample text"; //Sample text (plain text) to Encrypt/Decrypt char *ciphertext; char *plain1; int enclen,i,declen; pri

RE: Suggestions for the password storing

2004-08-09 Thread David Schwartz
> Hi team!! > I have a "big" question, where is an appropriate place to store the encryption > password of the private key? I mean, the security base of the priv key is based on > the > password which is encrypted it (PKCS#1), so where will be a safe place > to put this pwd in the client's co

Suggestions for the password storing

2004-08-09 Thread Carlos Roberto Zainos H
Hi team!! I have a "big" question, where is an appropriate place to store the encryption password of the private key? I mean, the security base of the priv key is based on the password which is encrypted it (PKCS#1), so where will be a safe place to put this pwd in the client's computer (win

Re: openssl reads client cert. error when no client cert. required

2004-08-09 Thread Dr. Stephen Henson
On Mon, Aug 09, 2004, Yan Zhou wrote: > I was not using a browser, I am writing a client using JSSE to make web > service calls. And I only see this error once in a while. That does not > sound like the issue with SGC? > Well the other possibility is that the client sometimes prematurely closes