Re: How is default cipher selected ?

2006-03-03 Thread Urjit Gokhale
- Original Message - From: "Dr. Stephen Henson" <[EMAIL PROTECTED]> To: Sent: Saturday, March 04, 2006 5:24 AM Subject: Re: How is default cipher selected ? > On Sat, Mar 04, 2006, Urjit Gokhale wrote: > > > Hi All, > > > > I have an echo server (a C application) which uses SSL. > > In

Re: certificate with ISAKMPD

2006-03-03 Thread Girish Venkatachalam
Doug, Certpatch was needed when OpenSSL did not have support for SubjAltName. That is the reason you don't find it in the latest version of OpenBSD. You will find certpatch in an old CVS snapshot in the OpenBSD tree. I am attaching a slightly modified certpatch for your use. All the best! re

Re: Another RAND question...

2006-03-03 Thread Kyle Hamilton
Ummm have you even looked at the FIPS testing criteria? Have you looked at the FIPS 140-2 standard? Just because you have a well-known FIPS company guiding you through the process doesn't mean you're going to get certified -- and, in fact, they may well steer you wrong just to collect more c

Re: Another RAND question...

2006-03-03 Thread OpenSSLGRT
Hi -- Thanks for the below info. Below is some info on why I have been asking questions that are FIPS oriented. I'd appreciate if anything you see here that is not correct you would comment on -- we are new to FIPS process, which is, no doubt, probably obvious if you saw my other posts :) ***We

RE: SMIME version 3 support

2006-03-03 Thread Kiefer, Sascha
Well, I used the MS CryptoAPI to have full support! --sk > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Perry L. Jones > Sent: Freitag, 3. März 2006 15:15 > To: openssl-users@openssl.org > Subject: SMIME version 3 support > > > Hello, > > The m

Re: Maximum Fragment Length Negotiation

2006-03-03 Thread Kyle Hamilton
At this time, no TLS extensions are implemented (except in the experimental 0.9.9 codebase). -Kyle H On 3/3/06, POUJOL Stephane <[EMAIL PROTECTED]> wrote: > > hello, > Does open SSL support the Maximum Fragment Length Negotiation as defined in > the TLS extensions ( RFC 3546 )? > > thanks > > ste

Re: Another RAND question...

2006-03-03 Thread Dr. Stephen Henson
On Fri, Mar 03, 2006, OpenSSLGRT wrote: > I did see that but I think I misunderstood, so ... > I still am not sure then how I would accomplish the following: > 1.) Take a seed and the known output of the PRNG with that seed. > 2.) Seed the PRNG with the seed and get a RAND > 3.) See if that RAND i

Re: How is default cipher selected ?

2006-03-03 Thread Dr. Stephen Henson
On Sat, Mar 04, 2006, Urjit Gokhale wrote: > Hi All, > > I have an echo server (a C application) which uses SSL. > In the server, calling SSL_get_cipher() and SSL_get_cipher_version() after > SSL_accept() returns this: > == > SSL cipher is : DES-CBC3-SHA > SSL cipher version is : TLSv1/SSLv3

How is default cipher selected ?

2006-03-03 Thread Urjit Gokhale
Hi All, I have an echo server (a C application) which uses SSL. In the server, calling SSL_get_cipher() and SSL_get_cipher_version() after SSL_accept() returns this: == SSL cipher is : DES-CBC3-SHA SSL cipher version is : TLSv1/SSLv3 == I would like to know how this default cipher

RE: Another RAND question...

2006-03-03 Thread OpenSSLGRT
I did see that but I think I misunderstood, so ... I still am not sure then how I would accomplish the following: 1.) Take a seed and the known output of the PRNG with that seed. 2.) Seed the PRNG with the seed and get a RAND 3.) See if that RAND in step 2 is the same as the one in Step 1 The belo

Re: Another RAND question...

2006-03-03 Thread Brian Candler
On Fri, Mar 03, 2006 at 02:02:46PM -0500, OpenSSLGRT wrote: >When calling RAND_pseudo_bytes is it correct that the PRNG will not >give the same result even though I have the same seed (I thought if I >had the same seed I could get the same results each time)? >From 'man RAND_seed'

Another RAND question...

2006-03-03 Thread OpenSSLGRT
When calling RAND_pseudo_bytes is it correct that the PRNG will not give the same result even though I have the same seed (I thought if I had the same seed I could get the same results each time)? Thank you!   The below produces two different random numbers:   #include #include #

Re: Sequence of the handshaking

2006-03-03 Thread Brian Candler
On Fri, Mar 03, 2006 at 12:11:24PM -0500, Xie Grace Jingru-LJX001 wrote: > I generated the key and self-signed certificate by doing the following: > > openssl genrsa -out privkey.pem 2048 > openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095 > > I install the cert and key on my HTT

Re: Sequence of the handshaking

2006-03-03 Thread Michael Sierchio
Xie Grace Jingru-LJX001 wrote: (1) what was just going on during the negotiation and security connection setup? The sequence of the handshaking. (2) Is the public key part of the certificate being passed to the client? (3) Did the server authenticate the client in this process? or there is no au

Sequence of the handshaking

2006-03-03 Thread Xie Grace Jingru-LJX001
Hi I generated the key and self-signed certificate by doing the following: openssl genrsa -out privkey.pem 2048 openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095 I install the cert and key on my HTTPS server. From a browser, I entered https://serverIPaddress on the browser, the

Re: SMIME version 3 support

2006-03-03 Thread Perry L. Jones
I am having an issue with one of your software products. At first it looked like MS outlook 2003 was sending SMIME v3 email message and SMIME_read_PKCS7 was having trouble parsing it. I have since found that this is not the case. It looks more like a problem in how we are parsing other parts

certificate with ISAKMPD

2006-03-03 Thread Doug Frippon
Hi all, I'm trying to get a win2k interpolate with an OpenBSD 3.8 using ISAKMPD. The problem is I get a "no keystate in ISAKMP SA" error. I suspect that my certificates are not well done. I mean ISAKMPD with a pre-shared key works perfectly. I've read that with ISAKMPD I must use a FQDN as altSubj

Maximum Fragment Length Negotiation

2006-03-03 Thread POUJOL Stephane
hello, Does open SSL support the Maximum Fragment Length Negotiation as defined in the TLS extensions ( RFC 3546 )?   thanks stephane

Re: SMIME version 3 support

2006-03-03 Thread Dr. Stephen Henson
On Fri, Mar 03, 2006, Perry L. Jones wrote: > Hello, > > The man page for smime says that openssl does not support smime version > 3. Under the BUGS section. > > http://www.openssl.org/docs/apps/smime.html > > Does anyone know if there is any work being done to support smime > Version 3? >

SMIME version 3 support

2006-03-03 Thread Perry L. Jones
Hello, The man page for smime says that openssl does not support smime version 3. Under the BUGS section. http://www.openssl.org/docs/apps/smime.html Does anyone know if there is any work being done to support smime Version 3? If not is there possible another C api that already has support

Re: JAVA Wrapper for openssl

2006-03-03 Thread Harakiri
Depending on what you want to do - mostly you are better off with Bouncycastle if you want just a crypto library for Java instead of a "wrapper"... --- "comeochris (sent by Nabble.com)" <[EMAIL PROTECTED]> wrote: > I would like to use the OpenSSL libraries from Java > with windows, > I search a java w

JAVA Wrapper for openssl

2006-03-03 Thread comeochris (sent by Nabble.com)
Hello, Sorry for my bad English I would like to use the OpenSSL libraries from Java with windows, I search a java wrapper for openssl but the problem is that this java wrapper must work under Windows OS not under mac OS (cf http://www.warnertechnology.com/Computers/Software/JavaOpenSSL.shtm

Re: Windows certificate authorities list?

2006-03-03 Thread Brian Candler
On Fri, Mar 03, 2006 at 08:12:41AM +, Mike McEwen wrote: > >I want my application to trust certificates signed by the major CAs out > >there. Does anyone know of a way to hook up to the place where > >Windows stores its list of CAs? Or maybe just a place where I can > >download the keys of t

Re: Windows certificate authorities list?

2006-03-03 Thread Mike McEwen
Mikhail Kruk wrote: Hello, I want my application to trust certificates signed by the major CAs out there. Does anyone know of a way to hook up to the place where Windows stores its list of CAs? Or maybe just a place where I can download the keys of the standard CAs (like Verisign, Thawte...).