> On Apr 3, 2019, at 4:16 PM, Jeremy Harris wrote:
>
>> Does the server have a temporally stable ticket decryption key?
>> Is this Exim? Is the server's SSL_CTX persistent and shared
>> across multiple connections?
>
> Ah, right. Unlike GnuTLS, the STEK is tied to the SSL_CTX and,
> as you
On 03/04/2019 22:16, Jeremy Harris wrote:
On 02/04/2019 17:03, Viktor Dukhovni wrote:
Does the server have a temporally stable ticket decryption key?
Is this Exim? Is the server's SSL_CTX persistent and shared
across multiple connections?
Ah, right. Unlike GnuTLS, the STEK is tied to the SSL_
On 02/04/2019 17:03, Viktor Dukhovni wrote:
> Does the server have a temporally stable ticket decryption key?
> Is this Exim? Is the server's SSL_CTX persistent and shared
> across multiple connections?
Ah, right. Unlike GnuTLS, the STEK is tied to the SSL_CTX and,
as you say, Exim initialises t
Hello,
I think the person I spoke with might have thought about another set of
signatures for an in-house identity provider. If that is the case then
those signatures were probably generated by OpenSSL 1.0.2 and are OK. I
heard from another person today that the bad files were produced by the
othe
On 02/04/2019 17:34, Steffen wrote:
> Hello,
>
>> What had produced the signatures?
>
> I received word from my end that the signatures may have been produced by
> OpenSSL 1.0.2 (no idea which letter release) in the Cygwin environment but I
> cannot confirm this.
>
If that's the case, I'd re
