--- On Fri, 8/15/08, Ger Hobbelt <[EMAIL PROTECTED]> wrote:
> Ahh... This brings back memories... I had to do the same
> 'selective compilation' back before 2000 when the USA would
> prohibit cipher export at 128 bit and beyond unless you had a
> specific license.
Ger,
Many thanks for taking
--- On Fri, 8/15/08, Kyle Hamilton <[EMAIL PROTECTED]> wrote:
Thanks for your comments.
> Well, the question becomes: Which government are you trying to
> work around the restrictions of? OpenSSL is open-source.
In this very specific case: the Canadian gouvernment. The whole
thing does not loo
Hello,
Thanks for your reply.
> If this is not sufficient you may check out ssl/sslv3.c etc and
> actually remove the ciphers you don't want to support in your
> libssl from the registration tables.
As a test, I've commented out every cipher definition in
ssl/s3_lib.c, like this example:
The
Hello all,
I'd like to get all of the ciphers that are tagged 'export' as
well as the 56-bit ones that are not. Eg.:
(list somewhat shortened in width)
EDH-RSA-DES-CBC-SHA SSLv3 Kx=DH Enc=DES(56)
EDH-DSS-DES-CBC-SHA SSLv3 Kx=DH Enc=DES(56)
DES-CBC-SHA SSLv3 Kx=
penssl.org
> Received: Wednesday, August 13, 2008, 10:18 PM
> Fred Picher:
>
> > For export regulations compliance I must dumb down
> OpenSSL to use
> > only DES. And that's only DES, no 3DES ! So I
> got it down to:
>
> Are you sure you aren't trying to com
Hello,
For export regulations compliance I must dumb down OpenSSL to use
only DES. And that's only DES, no 3DES ! So I got it down to:
openssl ciphers -v
EDH-DSS-DES-CBC3-SHA
SSLv3 Kx=DH
Au=DSS
Enc=3DES(168)
Mac=SHA1
EDH-DSS-DES-CBC-SHA
SSLv3 Kx=DH
Au=D
