RE: Is it legal to distribute the client certificates from Netscape with a comme

2004-12-07 Thread David Schwartz
> Eric Wertz wrote: > > As far as the (re)distribution question goes, what you "probably" > > cannot do without permission is to redistribute the actual *package* of > > certificates that Netscape has put together for the purpose of > > embedding > > in their browser. Since the overwhelming

RE: data dependence with md5/64-bit RSA?

2004-12-07 Thread David Schwartz
> So to clarify: If I generate a 65-bit key, will I be able to use that > 65-bit key to sign any 64-bit value? Yes, however, a 65-bit RSA key can be broken with relative ease. You could solve your three most obvious problems by using a 384-bit RSA key and using it to sign the full SHA1 h

Re: data dependence with md5/64-bit RSA?

2004-12-07 Thread Charles B Cranston
What you may be missing is the "data padding" stuff, which makes the encrypted payload somewhat longer than just what you pass off to the encoding routine. IIRC it throws an 8-sided die and prepends to the message either 01 02 02 03 03 03 ... 08 08 08 08 08 08 08 08 also there may be some length f

Re: Comodo not getting subject from CSR cert

2004-12-07 Thread Charles B Cranston
Suso Banderas wrote: Can anyone respond to this? At least to let me know that I am thinking along the right track? Is there any expectation that the CA should be using the subject from the CSR that the customer sends? I think the "standard model" is that the CA rejects requests until the clien

Re: data dependence with md5/64-bit RSA?

2004-12-07 Thread Dr. Stephen Henson
On Tue, Dec 07, 2004, Jesse Hammons wrote: > > > Jesse Hammons wrote: > > > >> So to clarify: If I generate a 65-bit key, will I be able to use that > >> 65-bit key to sign any 64-bit value? > > > > Yes, but > > Actually, I have found the answer to be "no" :-) > > > a 65 bit key won't be very s

Re: data dependence with md5/64-bit RSA?

2004-12-07 Thread Andrew Mann
It sounds like the data is being padded (perhaps automatically). There are several standards for padding data prior to applying RSA encryption. It seems that whatever padding is being used is adding about 10 bytes. One of the PKCS standards should be able to explain everything that's happen

Re: data dependence with md5/64-bit RSA?

2004-12-07 Thread Jesse Hammons
> Jesse Hammons wrote: > >> So to clarify: If I generate a 65-bit key, will I be able to use that >> 65-bit key to sign any 64-bit value? > > Yes, but Actually, I have found the answer to be "no" :-) > a 65 bit key won't be very secure AT ALL, it will be > very easy to factor a modulus that smal

Re: Comodo not getting subject from CSR cert

2004-12-07 Thread Dr. Stephen Henson
On Mon, Dec 06, 2004, Suso Banderas wrote: > > > So, after checking the subject in the CSR cert, I sent them the same > CSR that I sent them through the web form. Within an hour I got a new > certificate with the same problem as before, it had the subject that was > not from the CSR, but fro

BN assembly optimization

2004-12-07 Thread Bergman, Erez (Erez)
Hello, I have a couple of questions regarding BN assembly optimization code, I'll appreciate any comments. How do I create an object file from the Perl script in ppc.pl? Has anyone used this optimization for PowerPC 750? Thanks, Erez

Re: data dependence with md5/64-bit RSA?

2004-12-07 Thread Charles B Cranston
Jesse Hammons wrote: So to clarify: If I generate a 65-bit key, will I be able to use that 65-bit key to sign any 64-bit value? Yes, but a 65 bit key won't be very secure AT ALL, it will be very easy to factor a modulus that small. Bottom line: asymmetrical (public-key) encryption has a fairly lar

Re: Comodo not getting subject from CSR cert

2004-12-07 Thread Suso Banderas
Can anyone respond to this? At least to let me know that I am thinking along the right track? Is there any expectation that the CA should be using the subject from the CSR that the customer sends? On Mon, Dec 06, 2004 at 03:38:52AM GMT > > I'm having trouble with Comodo/InstantSSL. I th

Re: creating a CDP with dirName and multiple DC= statements

2004-12-07 Thread Dr. Stephen Henson
On Tue, Dec 07, 2004, [EMAIL PROTECTED] wrote: > Hi > > I'd like to create certificates that have a crlDistributionPoint set to > X509v3 CRL Distribution Points: > DirName:/DC=NET/DC=Company/CN=mycrl > > I've set inside openssl.cnf > > crlDistributionPoint = @dirname_cdp > > [ dirname_cdp

creating a CDP with dirName and multiple DC= statements

2004-12-07 Thread ulf.leichsenring
Hi I'd like to create certificates that have a crlDistributionPoint set to X509v3 CRL Distribution Points: DirName:/DC=NET/DC=Company/CN=mycrl I've set inside openssl.cnf crlDistributionPoint = @dirname_cdp [ dirname_cdp ] dirName = dir_name [ dir_name ] DC=NET DC=Company CN=mycrl But th

Re: about "Changes between 0.9.7d and 0.9.7e."

2004-12-07 Thread Dr. Stephen Henson
On Tue, Dec 07, 2004, Takurou Saitou wrote: > Hi, > > I have a question about "Reduce the chances of duplicate > issuer name and serial numbers (in violation of RFC3280) > using the OpenSSL certificate creation utilities." described > by "Changes between 0.9.7d and 0.9.7e." . > > I underst

OpenSSL Patched version with OpenTSA

2004-12-07 Thread Aftab Alam
Hi All, I have tried to patch OpenSSL with the OpenTSA patch but I couldn't get the things right, I need to build the DLLs for Win32 platform so if there is some place where I can get the OpenTSA patched version of OpenSSL and libs as well then it would be great for me, otherwise do let me know t

about "Changes between 0.9.7d and 0.9.7e."

2004-12-07 Thread Takurou Saitou
Hi, I have a question about "Reduce the chances of duplicate issuer name and serial numbers (in violation of RFC3280) using the OpenSSL certificate creation utilities." described by "Changes between 0.9.7d and 0.9.7e." . I understand that the chance of the duplicate of