On Fri, May 30, 2008 at 09:18:11PM -0700, [EMAIL PROTECTED] wrote:
> This is my first post on the list, am new to OpenSSL and need a simple
> guidance to begin programming. I'm C++ programmer and require to implement
> SSL support to a very simple program, just need to send a small FORM POST
> via
I think you just configure your webserver with https support and
then use that secure protocol for communication.
--
Keith Hellman #include
[EMAIL PROTECTED]from disclaimer import standard
[EMAIL PROTECTED]
-*-
Hello list
This is my first post on the list, am new to OpenSSL and need a simple
guidance to begin programming. I'm C++ programmer and require to implement
SSL support to a very simple program, just need to send a small FORM POST
via https and receive back 6 lines of text. I have already a workin
Travis wrote:
> Agreed.
>
> Let's assume that users tend to pick the password "password" when
> given a choice.
>
> Now adversaries try the most common password, namely "password", first.
>
> Security conscious admins ban the word "password" as a password.
> Yes, this does reduce the keyspace a t
On Fri, May 30, 2008, Mathias Brossard wrote:
> Kyle Hamilton wrote:
>> The FIPS certification process is a black box. Literally, it will be
>> complete when it will be complete, and we can't know until it goes
>> into final recommendation phase (which is usually the last step before
>> NIST gran
Kyle Hamilton wrote:
The FIPS certification process is a black box. Literally, it will be
complete when it will be complete, and we can't know until it goes
into final recommendation phase (which is usually the last step before
NIST grants the certification).
I've seen on the OpenSSL files wit
On Friday 30 May 2008 07:39:08 [EMAIL PROTECTED]
wrote:
> I personally don't like the idea of generating keys that people will
> try, or using a weak/known key with small probability, but in this
> case I think it's so small that simply scanning for and banning such
> keys is good enough.
What
There are a couple of different ways to "export" a private+certificate
file to just a certificate file, these are the commands I've found:
Export JUST the certificate PKS12 -> PEM format
$ openssl pkcs12 -in B.p12 -nokeys -out B.crt
Export JUST the certificate in PEM -> PKCS12 format
$ openssl p
On Friday 30 May 2008 07:39:08 [EMAIL PROTECTED] wrote:
> I personally don't like the idea of generating keys that people will
> try, or using a weak/known key with small probability, but in this
> case I think it's so small that simply scanning for and banning such
> keys is good enough.
>
> I was
On Fri, May 30, 2008, Tuan Nha wrote:
> I complie 0.9.8h today and attempted to run onwin32 machine,
> but I have bug:
>
> openssl pkcs12 -export -in MyCert.pem -inkey MyKey.pem -out MyCert.p12
>Loading 'screen' into random state - done
>Enter pass phrase for MyKey.pem:
>Enter Export P
On Wed, May 28, 2008 at 10:55:18PM -0700, David Schwartz wrote:
> Okay, I guess I give up. I now realize that I had no idea what
> you meant in your past few comments. What relevance do you think
> this notion of weak keys has to do with this issue, since you
> were the one who brought it up?
>
>
On Thu, May 29, 2008 at 10:14:12AM -0400, Victor Duchovni wrote:
> And then knowing that attackers never choose these keys, users start
> using these keys because attakers avoid them, and then attackers start
> checking these first again, ... This way lies madness. Fix your premise
> and don't chan
On Wed, May 28, 2008 at 08:01:11PM +0200, Ger Hobbelt wrote:
> Anything (such as passwords) which has been used on an *actual*
> 'compromized box' (be it one of 'those Debian' releases or otherwise)
> to _generate_ keys plus any keys _produced_ on such a compromised box
> must be eradicated and are
On Fri, May 30, 2008, Massimiliano Ziccardi wrote:
> Hi all.
> The attached file is the PEM encoding of a file structured this way:
>
> SIGNATURE 1
>COUNTER SIGNATURE 1 of SIGNATURE 1
>COUNTER SIGNATURE 1 of COUNTER SIGNATURE 1 of SIGNATURE 1
>
> each signer has a different signature
The FIPS certification process is a black box. Literally, it will be
complete when it will be complete, and we can't know until it goes
into final recommendation phase (which is usually the last step before
NIST grants the certification).
-Kyle H
On Fri, May 30, 2008 at 1:57 AM, Gatfield, Geoffr
Hi
Bingo !
I'm a stupid freak imbecile guy :-! :-[ :'(
I've just a very tiny excuse : the 3 lines of code I didn't show you,
which are executed when there is no error are supposed to log the stored
certificate. But the log was set up at a too detailed level, which I
don't activate usually !
So
Hello Everyone,
Is there any update on when openssl-fips-1.2.0 certification will be
complete?
Geoff
Vinni a écrit :
Hello
i am using SSL_CTX_load_verify_locations() to load the CA certs.
I have another question that ..
How actually the SSL_accept get the client certificate ?? Is its internal
function also fetch the
CA certificate of the client or it check the CA list of its own that is set
Hi all.
The attached file is the PEM encoding of a file structured this way:
SIGNATURE 1
COUNTER SIGNATURE 1 of SIGNATURE 1
COUNTER SIGNATURE 1 of COUNTER SIGNATURE 1 of SIGNATURE 1
each signer has a different signature certificate (3 certificate total).
Why the
STACK_OF(X509) *pSi
Hello
i am using SSL_CTX_load_verify_locations() to load the CA certs.
I have another question that ..
How actually the SSL_accept get the client certificate ?? Is its internal
function also fetch the
CA certificate of the client or it check the CA list of its own that is set
by the above functi
20 matches
Mail list logo
