On Fri, Jun 06, 2008 at 10:56:56AM -0700, Ace wrote:
> Thanks Victor! Yes the performance is critical. Another thing is, I just
> checked the PKI handshakes with RC4 and was amazed to see the 75% of gain in
> performance. Am I loosing something more than DH parameters in handshakes
> when going wi
> On Thu, Jun 05, 2008, David Schwartz wrote:
>
> >
> > 1) All routines are based on a uint64_t to hold the seconds
> since the epoch.
> > So you can still easily convert to/from time_t for in-range values.
> >
>
> Well there has been a problem on some platforms in the past which
> don't have a
>
Thanks Victor! Yes the performance is critical. Another thing is, I just
checked the PKI handshakes with RC4 and was amazed to see the 75% of gain in
performance. Am I loosing something more than DH parameters in handshakes
when going with RC4?
On Fri, Jun 6, 2008 at 6:01 AM, Victor Duchovni <
[EM
On Fri, Jun 06, 2008, delcour.pierre wrote:
> Hello everyone,
>
> I have a different problem now. I want to add a "X509v3 Authority Key
> Identifier" field in a x509v3 certificate.
> This field must have these three parts :
> - keyid (the keyid of the issuer)
> - dirname (the same string as issue
Hello everyone,
I have a different problem now. I want to add a "X509v3 Authority Key
Identifier" field in a x509v3 certificate.
This field must have these three parts :
- keyid (the keyid of the issuer)
- dirname (the same string as issuer field)
- serial (of issuer)
int type = NID_authori
On Thu, Jun 05, 2008 at 10:28:28PM -0700, Ace wrote:
> PKI Handshakes are always the cause of worry when it comes to performance
> but now I am facing problems even with the normal encryption. The data size
> is around 2k. Woud you suggest using RC4-MD5?
I never suggest optimizing something, unti
On Thu, Jun 05, 2008, David Schwartz wrote:
>
> 1) All routines are based on a uint64_t to hold the seconds since the epoch.
> So you can still easily convert to/from time_t for in-range values.
>
Well there has been a problem on some platforms in the past which don't have a
64 bit integer type
Hello,
[EMAIL PROTECTED] wrote on 06/05/2008 03:01:14 PM:
> I am trying to establish a connection from a openldap/openssl client to
Oracle Internet
> Directory. I know this isn't much to go on but will at least begin the
conversation. I
> am getting the following error on the client. I am ab
> > Is there a plan to circumvent the limit, as opposed to just
> saying stay
> > within 2038 ?
> Afaik, the only current solution is to switch to 64bit openssl.
On a lot of platforms there are ways to use 64 bit time_t even on
32 bit OSs. This would look like a good interim solution IMHO.
Mark
Hello
Could you unsubscribe me from this mailing list.
Regards
Sunil.
From: [EMAIL PROTECTED] on behalf of David Schwartz
Sent: Fri 6/6/2008 10:09 AM
To: openssl-users@openssl.org
Subject: RE: 2038 date limit
> Changing this is would involve including indepe
10 matches
Mail list logo
