If you create the key with the -nodes option, then it is not password
protected. Would that help?
Baber
:)
--
Rise above the clouds and the master
pilot will guide you through the turbulence.
>>> [EMAIL PROTECTED] 06/09/02
One might not want to make the client side interactive to the point
where the user manages client side certs. Of course, that can be made
automatic and predefined client certs could be embedded in the set-top
box. Which might actually give one the advantage of knowing if the user
is really using
You can do annonymous SSL between the client and server and then niether
has to give out the cert. The pre-master secret is encrypted in an
ephemeral key generated by the server.
Thanks
Baber
:)
>>> [EMAIL PROTECTED] 04/18/02 09:21AM >>>
Well it might not be such a good design,
but what I asked
Did I miss the reply on this one. Can anybody shed some light on this?
-- original mail follows
Hi folks, how can one limit and enforce the the key size that can be
generated and used by openSSL and related utilities. The enforcement
has to happen on
Hi folks, how can one limit and enforce the the key size that can be
generated and used by openSSL and related utilities. The enforcement
has to happen on multiple levels,
1. At generation.
2. Loading keys into the context.
I am presuming that the ciphers can be limited to a lower or higher
