Thanks for the reply Jakob. Is there a mapping in the government's
elliptic curve names to the names in OpenSSL?
For instance, the API EC_KEY_new_by_curve_name( int nid ) takes an id of
the EC name where the id can be something like
NID_X9_62_prime256v1, NID_X9_62_prime239v3, etc. that are defin
On 11/11/15 20:53, jonetsu wrote:
> In the NSA page referred above, the p-384 curves are specifically mentioned
> for DH. These would be the ones covered by the Suite B NSA license
> sub-licensed to OpenSSL, are they ? Is it possible to build OpenSSL in FIPS
> in such a way that only these curv
On 11/11/15 21:53, Igor Sverkos wrote:
> Hi,
>
> today I read [1] that Microsoft finally added support for TLS Extended
> Master Secret Extension to their SSL implementation (SChannel).
>
> The author was so kind to provide a test script [2] to check if your
> own servers support TLS Extended M
On Nov 9, 2015, at 3:46 PM, Peter P. wrote:
> I'm writing an application using Openssl 1.0.2d where I am trying to take a
> DER encoded unsigned CSR and read it into an X509_REQ data structure via the
> d2i_X509_REQ_bio() function. This function errors out during when I attempt
> to read in my
Hi,
today I read [1] that Microsoft finally added support for TLS Extended
Master Secret Extension to their SSL implementation (SChannel).
The author was so kind to provide a test script [2] to check if your
own servers support TLS Extended Master Secret extension yet.
Looks like my servers don'
In the NSA page referred above, the p-384 curves are specifically mentioned
for DH. These would be the ones covered by the Suite B NSA license
sub-licensed to OpenSSL, are they ? Is it possible to build OpenSSL in FIPS
in such a way that only these curves will be used ?
Regards.
--
View this
On 11/11/2015 21:02, Alex Chen wrote:
I see there is a list of recommended list by NIST in
http://csrc.nist.gov/groups/ST/toolkit/documents/dss/NISTReCur.pdf,
but it is very old (1999)
Is there a up to date list of elliptic curves approved or recommended
for government use in OpenSSL?
Is NID_X
I see there is a list of recommended list by NIST in
http://csrc.nist.gov/groups/ST/toolkit/documents/dss/NISTReCur.pdf, but
it is very old (1999)
Is there a up to date list of elliptic curves approved or recommended
for government use in OpenSSL?
Is NID_X9_62_prime256v1 the strongest?
Thanks
On 11/11/15 15:32, Paul Hebert wrote:
> Hello,
>
> After long delays with the client vendor (rhymes with 'Big Red'), I
> finally have a packet capture detailing the failing two-way
> authentication TLS 1.2 protocol exchanges - our handshake begins at
> packet 199 and proceeds with packet 214 bei
Hi OpenSSL Community,
I originally posted this message on the security area ML at IETF and I
am trying to reach out to a broad audience of experts, implementers, and
vendors. I would love to have contributions and implementations (once we
have some initial specs) around this initiative. I am s
Hello,
There is a thread in 2013 (30 May 03:15) in which Steve writes that OpenSSL
1.0.1 has a bug regarding the use of PKCS12 in FIPS mode since it tries to
handle a certificate using a non-FIPS component. I think I found the commit
that fixes this, although it is part of a quite huge commit
11 matches
Mail list logo
