Running into an odd problem with ipv6 self signed certificates.
Firefox does not seem to be able to or want to accept them.
Same certificate is ok on ipv4.
What attributes are normally found in a certificate for ipv6..does anybody have
an example they could share with me?
Anybody run into th
Security Update for Windows Server 2008 R2 x 64 Edition (KB2585542)
http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=28629
Does anybody have any experience with this security patch?
It seems to affect older versions of openssl (0.9.7 or so)... does anybody have
experience wi
t, you did something different.
--- On Mon, 1/11/10, Dave Thompson wrote:
> From: Dave Thompson
> Subject: RE: trying to understand ECDHE operations
> To: openssl-users@openssl.org
> Date: Monday, January 11, 2010, 5:48 PM
> > From: owner-openssl-us...@openssl.org
> On Behalf
I am trying to understand the server key exchange message.
It would be nice if I could compare and understand an actual
packet while looking at RFC 4492.
I am using openssl s_server and s_client for my experimenting.
There is a lot of stuff in that message.
struct {
ECParameter
Hello,
As always, I appreciate all the help.
Based on the old message snippet below, two questions:
1) Are the session keys then used by the symmetric cipher going forward?
Or is there another step used to get those keys.
For example, if I am using 192 bit ECC, and using AES-128, what do
I use f
Hello,
Once again I back trying to understand ECDHE.
I would like to use openssl and s_server and s_client for my
trail and error testing.
I have my notes on generating a key file, but I can't seem to
find my notes on starting s_client and s_server such that they
do the elliptic curve diffie h
ommand line) except I want to bypass the key derivation
function. (If I were hashing instead of encoding I would just use
"openssl sha1 -sign hmac.pem".)
Michael D. Adams
__
OpenSSL Project
k as in "(*)" except that now
the attacker is attacking the IV and doesn't need to use the backup
system as an oracle. He can just run the hash algorithm himself.
(***) We don't need a block-cipher mode here (it'
th "ps -f" someone else in *another* room can see the command line
arguments of programs that I run.
You wouldn't "chmod a+r" your key files now would you? Having key
contents appears as a command line argument does effecti
y mind
there is a large leap between 'normal users could get this secret
info' and 'user's with root access could get this secret info'.
Michael D. Adams
__
OpenSSL Project
"-pass
file:" would be available, but I haven't been able to find an
equivalent for "openssl dgst" (even the 1.0beta's "-macopt" flag
doesn't do this).
Am I missing something here? What is the p
rstand ECDHE operations
> To: openssl-users@openssl.org
> Date: Wednesday, September 30, 2009, 5:53 PM
> > From: owner-openssl-us...@openssl.org
> On Behalf Of Michael D
> > Sent: Wednesday, 30 September, 2009 13:12
> (superseding previous, I assume)
>
> > Ok, I reran
:00 0
b7fa-b7fa1000 r-xp b7fa 00:00 0 [vdso]
b7fa1000-b7fbb000 r-xp 03:01 2793474/lib/ld-2.7.so
b7fbb000-b7fbd000 rwxp 0001a000 03:01 2793474/lib/ld-2.7.so
bfba8000-bfbbd000 rwxp bffeb000 00:00 0 [stack]
--- On Wed, 9/30/09, Michael D wrote:
> From: M
certificate, why
does the server send a server key exchange?
Thank you everybody for your help.
-Mike
--- On Tue, 9/29/09, Michael D wrote:
> From: Michael D
> Subject: RE: trying to understand ECDHE operations
> To: openssl-users@openssl.org
> Date: Tuesday, September 29, 2009, 6:
-us...@openssl.org
> On Behalf Of Michael D
> > Sent: Friday, 25 September, 2009 09:32
>
> > Thank you for your reply.
> > Maybe we can drill down on the client key exchange
> message first.
> > Looking at the rfc I see it should hold:
> > ECPoint ecdh_Yc;
.@openssl.org
> On Behalf Of Michael D
> > Sent: Thursday, 24 September, 2009 09:12
>
> > I have been playing with an the command line tools of
> open
> > SSL and am examining traces in hopes to get an
> understanding
> > of how ECDHE works in real life.
&g
Hello,
I have been playing with an the command line tools of open SSL and am
examining traces in hopes to get an understanding of how ECDHE works
in real life.
My confusion focuses on the Client Key Exchange, Change Cipher Spec,
Encrypted Handshake message.
The server has selected:
TLS_ECDHE_ECD
n Henson wrote:
> From: Dr. Stephen Henson
> Subject: Re: ECDHE help needed, please
> To: openssl-users@openssl.org
> Date: Saturday, August 22, 2009, 1:19 PM
> On Sat, Aug 22, 2009, Michael D
> wrote:
>
> >
> > I am testing a custom TLS client I am writi
I am testing a custom TLS client I am writing for a night class.
I would like to use openssl s_server for the testbed, if that is possible.
I am running openssl-1.0.0-stable-SNAP-20090821
* I am running the command as follows:
openssl s_server -nocert
It starts by saying:
Using default temp D
19 matches
Mail list logo
