From: Mithun Kumar
Sent: Friday, October 07, 2011 5:54 PM
Hello All,
I want to use OpenSSL for the application that i am writing. Could someone
direct me what is the best starting point. I tried Google but failed to find
any examples.
PS: I hope i am posting on the right forum.
-Thanks
mithu
On Fri, Oct 7, 2011 at 1:55 PM, Diffenderfer, Randy
wrote:
> How worried should I be about the contents of this?
>
> http://www.kb.cert.org/vuls/id/864643 (published 2011-9-27)
>
> Is this the topic that flitted across the board a week or so ago?
SSL_OP_ALL includes SSL_OP_DONT_INSERT_EMPTY_FRAG
On Sat, Oct 8, 2011 at 6:39 AM, Rick Lopes de Souza
wrote:
> Another thing that i know is that RSA can only sign things that are smaller
> than the size of the key used.
No - you can sign a message of arbitrary length - a suitable message
digest is what is encrypted (well, decrypted) in the RSA
Hi all,
This week i was in doubt to implemment some methods to sign using OpenSSL. I
know that RSA needs the hash algorithm to do the padding scheme and ECDSA
doesn't need.
Another thing that i know is that RSA can only sign things that are smaller
than the size of the key used. I can imagine that
Hi Richard,
Thanks for the reply, I did some research and found that there is an openssl
patch which can get me this option, I tried it in my lab and it works also.
Here is the location of patch
http://technotes.googlecode.com/git-history/3bea6d3d226c878577c0d520784e14f2c8efbe1c/openssl-1.0.0d
Hello All,
I want to use OpenSSL for the application that i am writing. Could someone
direct me what is the best starting point. I tried Google but failed to find
any examples.
PS: I hope i am posting on the right forum.
-Thanks
mithun
On Fri, Oct 7, 2011 at 7:40 PM, Kristen J. Webb wrote:
>
> My understanding is that a TLS connection with a server cert
> only identifies the server to the client. This leads to a MiTM
> attack, where the mitm can impersonate the client because the server
> has not verified the client.
Your unde
