Dear List:
According to Bruce Schneier, there is a security problem with OpenSSL's
ASN.1 implementation. I have searched the OpenSSL Web FAQ and the
list archive, but have not found any mention...
Any comments/feedback will be appreciated.
Many thanks!
Andrew.
SCHNEIER d
>On Thu, 26 Aug 1999, Wade L. Scholine wrote:
>
>> > >anybody
>> >
>> > somebody
>>
>> everybody?
>
>nobody.
Scottie, beam me up, there is no intelligent life left
in the OpeSSL users group.
Ah, shall we get back to business? Please?
_
This seems like a typo to me. There is no 128-bit DES.
There is 168-bit Triple-DES, though (uses 3 different
56-bit keys, i.e. 56 x 3 = 168.)
-Original Message-
From: Francois Orsini <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
Date: Viernes 30 de Abril de 1999 21:33
Sub
>> At least the first time you download it, perhaps you
>> don't have any X.509 software to verify it with?
>
>More specifically, you can't use SSLeay to verify it's own signature, since
>you can't trust the code until after the signature has been verified. If I've
>modified the code to to bad thi
Steve,
Fortunately you don´t need to "put it together yourself"!
Check the IETF S/MIME Freeware at: http://www.imc.org/ietf-smime/
Andrew.
>Hi Steve,
>
>> > I need to send a message to a Netscape user (S/MIME), and encrypt
>> > it using the cert he's sent me in a signed message. (In other
>>
