(No need to CC me, I get the list e-mails in the same inbox).
You could use any of the archives of the mail lists that are mentioned
on openssl.org.
However, I think I have repeated all the stuff you didn't already
discover in
todays post, just to keep everything together in one place.
On 1
Hi,
thanks for your infos
can you please tell me, where I can find your postings to this topic,
you made in the past?
On 19.03.2013 20:07, Jakob Bohm wrote:
Won't work (as you saw), this function doesn't take the actual
ContentInfo structure as input, but data which it will (mis)treat
as an
Also this might be useful for implementers:
http://msdn.microsoft.com/en-us/library/windows/desktop/bb931395(v=vs.85).as
px
-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Jakob Bohm
Sent: Tuesday, March 19, 2013 12:07 PM
To:
On 3/18/2013 10:29 PM, Santhosh Kokala wrote:
Hi,
The application I am working on should not support TLS 1.1 and above
protocols. I am using SSL_CTX_set_options( ctx, SSL_OP_NO_TLSv1_1); to
disable the same after creating the SSL context. But it doesn’t seem to
disable the TLS1.1 and TLS1.2 prot
I have written a few posts about this timestamp format on this list
before, here are my supplemental comments to your description and
experiment:
On 3/17/2013 6:14 PM, Walter H. wrote:
Hello,
has anybody got an idea, how to programm/get such a timestamp server -
is not RFC 3161 conform -
with
Hello All,
I'm using openssl 1.0.1e.
I want to use these two example functions
X509_ATTRIBUTE *add_seq2string(PKCS7_SIGNER_INFO *si, char *str1, char
*str2);
int sk_get_seq2string(STACK_OF(X509_ATTRIBUTE) *sk, char **str1, char
**str2);
included in the file "/openssl-1.0.1e/crypto/pkcs7/example.
Hello All,
I am using openssl 0.9.8r on one Linux box (BoxA) communicating with another
Linux box running openssl 1.0.0e (BoxB).
There are certain curl uploads that need to occur fromBoxA --> BoxB.
Usually we don't have any problems. But in a simulated environment, where there
could b
On 19 March 2013 14:18, azhar jodatti wrote:
> On Tue, Mar 19, 2013 at 6:24 PM, Matt Caswell wrote:
>> On 19 March 2013 12:22, azhar jodatti wrote:
>> >PEM_write_bio_DHparams(out, temp);//this prints public key in
>> > base64
>> > (this is what i think :) )
>>
>> This is NOT a base64 rep
On Tue, Mar 19, 2013 at 6:24 PM, Matt Caswell wrote:
> On 19 March 2013 12:22, azhar jodatti wrote:
> >PEM_write_bio_DHparams(out, temp);//this prints public key in
> base64
> > (this is what i think :) )
>
> This is NOT a base64 representation of the public key. This is
> printing out t
On 19 March 2013 12:22, azhar jodatti wrote:
>PEM_write_bio_DHparams(out, temp);//this prints public key in base64
> (this is what i think :) )
This is NOT a base64 representation of the public key. This is
printing out the parameters only (which does not include the public
key)
>
Well, to roll out the possibility of network error's, JSON values not
being passed properly and blah blah blah I just dropped that approach.
instead of that I am running C program which prints the prime,generator and
public key. I have another program on same machine which is written in java
where
On 19 March 2013 10:37, azhar jodatti wrote:
>
>
> On Tue, Mar 19, 2013 at 2:58 PM, Matt Caswell wrote:
>>
>> On 19 March 2013 09:01, azhar jodatti wrote:
>>
>> > And possibly relevant here, the standard Suncle JCE provider actually
>> > uses DSA paramgen for DH and thus imposes the DSA size res
On Tue, Mar 19, 2013 at 2:58 PM, Matt Caswell wrote:
> On 19 March 2013 09:01, azhar jodatti wrote:
>
> > And possibly relevant here, the standard Suncle JCE provider actually
> > uses DSA paramgen for DH and thus imposes the DSA size restrictions
> > on DH -- 512 to 1024 in steps of 64 -- altho
Thanks for great answer and explanation.
Without a deeper knowledge I had ask the TSA (as possible solution) to
move the ESSCertiId (or whatever) of TAC in signed attributes as
separate attribute (== out of certs list). Nice to see that was not so
bad Idea.
Unfortunately their conclusion was
On 19 March 2013 09:01, azhar jodatti wrote:
> And possibly relevant here, the standard Suncle JCE provider actually
> uses DSA paramgen for DH and thus imposes the DSA size restrictions
> on DH -- 512 to 1024 in steps of 64 -- although they aren't required
> by any standard I know of. I don't re
<--
And possibly relevant here, the standard Suncle JCE provider actually
uses DSA paramgen for DH and thus imposes the DSA size restrictions
on DH -- 512 to 1024 in steps of 64 -- although they aren't required
by any standard I know of. I don't recall if JCE also restricts
*existing* (received)
16 matches
Mail list logo
