Hello,
Can s_client be used to send additional certificates (i.e. certificates that
are not part of the chain for the current connection)
I am trying to do the following (pseudocode):
s_client -key myclient.key -cert myclient.cer -verifyCAfile expectedserverCA
-connect server:port -fileAdditio
Thanks very much, Matt and defulger.
Removing the "-fvisibility=hidden" has enabled the tests to pass.
I'll now have to see how my application (which is statically linked to OpenSSL)
fairs.
Lee
From: Matt Caswell
Sent: 23 December 2021 10:13
To: Lee Staniforth ; openssl-us
this.
Thanks in advance.
Lee S
I want to reduce the size of EDK2 CryptoPkg by enabling, at build time, only
the OpenSSL algorithms I want supported in my code. Is this possible via a
configuration mechanism? I can't find anything in documentation. Does this
violate the GPL license?
Thanks.Lee
Hi All,
I'd like to verify all of cryptographic algorithms on OpenSSL.
But I could not get any way like tool.
Do you have any tools for this?
BR,
KH.Lee.
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
ster) is
set,
this instruction is not allowed to execute in user mode.
I wonder why openssl use this instruction in user mode, as PMUSERENR is
not set by default.
BTW, My architecture is ARM v7, kernel is 3.18, openssl 1.0.1.
BR
Rock Lee
--
openssl-users mailing list
To unsubscribe: https://mta
Hi all,
I'd like to know a way or OpenSSL command for what kind of SSL version are
supported on current OpenSSL package.
ex) SSL3.0/ TLS1.0/ TLS1.2/ DTLS1.0..etc..
BR,
KH.Lee.
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
NIST addresses TLS 1.0-1.2 KDFs in SP 800-135rev1. For 140-2 validation the KDF
would be tested via NIST's ASKDFVS. For those riding on the shirttails of
#1747, note that the TLS KDF component is implemented in the FIPS-capable
OpenSSL library code *outside* of the FIPS Object Module. Though th
and what are all the other threads doing? some other thread must already
own this lock and is waiting on something else.
-lee
On 2014-01-10 13:11, Tayade, Nilesh wrote:
> Hi,
>
> I am facing a deadlock issue on openssl1.0.1e. Please see the stack below.
> Could anyone please advise
orrect size (*
294* in my case).
I've poked around Google and the list archives and couldn't come up with
anything; but I also couldn't come up with results from many people who had
been doing what I am doing (ie. reading from an inlined object blob).
- Lee Hambley
A
$ echo $?
0
I assume that the bytes at the given location have been modified, or
removed somehow. When I don't call ``, the base64 outpu
> I would like (need) to get OpenSSL working in the EFI [...]
In the EDK-2, this directory:
edk2/trunk/edk2/CryptoPkg/Library/OpensslLib/*
showd you how to patch, configure, and build OpenSSL in the EDK-2
environment. Also look in some nearby include directories for OpenSSL
headers and in
> I have been trying that. it shows handshake for TLSv1 for some sites and
> not for others.
>
> I might be using it wrong.. but am not also sure if it supports analyzing
> https by default..
>
> Have you tried it ?
If Wireshark doesn't work, try Microsoft Network Monitor (NetMon).
Wireshark is
For things that the peer support forum and the existing documentation
don't cover, you have the source code, which is definitive.
Additionally, there are professional OpenSSL consultants you can use for
help.
It would be more productive to submit bugs and patches, instead of a
litany :-)
_
>>> I remember seeing somewhere that OpenSSL supports Intel AES instruction
>>> set. If so, which release is that and what flag is needed to
enable it.
>>> Does the 'no-asm' flag in 'Configure' disable the use of these
instructions?
Look on the Contribution page.
http://openssl.org/contrib/
I forwarded this to the EFI list, for a response from Intel:
http://sourceforge.net/mailarchive/message.php?msg_id=29329799
Original Message
Subject: Re: [edk2] Fwd: Re: UEFI Authenticode Code - is it any good?
Date: Tue, 29 May 2012 08:47:51 +
From: Long, Qin
Reply-To: ed
On 3/17/12 1:27 AM, John A. Wallace wrote:
> Is this list available from gmane or some similar way that allows
> it to be read with a newsreader? Thanks.
nntp://news.gmane.org/gmane.comp.encryption.openssl.user
http://dir.gmane.org/gmane.comp.encryption.openssl.user
http://gmane.org/find.php?l
DSA_verify() is not FIPS compliant? If so, will moving to
FOM 1.2.3 help?
Cheers,
-Chang Lee
Nice tip. I'll look into that.
On Thu, Sep 22, 2011 at 4:19 AM, Frank Morgner wrote:
> On Thursday, September 22 at 08:41AM, Dominik Oepen wrote:
> >
> > Am 21.09.2011 23:27, schrieb Chang Lee:
> > > Does anyone know of a way to take an ASN1_OCTET_STRING that
ASN1_get_object() got the job done. Thanks.
On Thu, Sep 22, 2011 at 1:34 PM, Dr. Stephen Henson wrote:
> On Thu, Sep 22, 2011, Chang Lee wrote:
>
> > Thanks for the info. I'll try to get it to work using ASN1_get_object().
> > Just for my edification, was my approach
Thanks for the info. I'll try to get it to work using ASN1_get_object().
Just for my edification, was my approach using the templates and macros not
a viable option?
On Thu, Sep 22, 2011 at 12:22 PM, Dr. Stephen Henson wrote:
> On Thu, Sep 22, 2011, Chang Lee wrote:
>
> > I&
ther->value.octet_string;
AUTHENTICODE_CONTENT *pAuthContent = d2i_AUTHENTICODE_CONTENT(NULL, (const
unsigned char**)&content->data, content->length);
...
d2i_AUTHENTICODE_CONTENT(...) errors out.
-Clee
On Thu, Sep 22, 2011 at 10:07 AM, Dr. Ste
inik Oepen <
oe...@informatik.hu-berlin.de> wrote:
> Am 21.09.2011 23:27, schrieb Chang Lee:
> > Does anyone know of a way to take an ASN1_OCTET_STRING that contains a
> > DER encoded Sequence and extract the contents of the Sequence as an
> > ASN1_STRING. Essentially,
Does anyone know of a way to take an ASN1_OCTET_STRING that contains a DER
encoded Sequence and extract the contents of the Sequence as an ASN1_STRING.
Essentially, I want to construct an ASN1 object of the Sequence. I guess I
could manually parse the Sequence (and deal with the different types o
I will be on vacation from Sep/05/2011 thru Sep/16/2011 (back in the office on
Sep 19).
Have a great day !
Huie-Ying
__
OpenSSL Project http://www.openssl.org
User Support Mailing List
I will be on vacation from Sep/05/2011 thru Sep/16/2011 (back in the office on
Sep 19).
Have a great day !
Huie-Ying
__
OpenSSL Project http://www.openssl.org
User Support Mailing List
I will be on vacation from Sep/05/2011 thru Sep/16/2011 (back in the office on
Sep 19).
Have a great day !
Huie-Ying
__
OpenSSL Project http://www.openssl.org
User Support Mailing List
I will be on vacation from Sep/05/2011 thru Sep/16/2011 (back in the office on
Sep 19).
Have a great day !
Huie-Ying
__
OpenSSL Project http://www.openssl.org
User Support Mailing List
uld you agree with my conclusion or am I missing something?
-Chang
On Mon, Aug 15, 2011 at 2:03 PM, Dr. Stephen Henson wrote:
> On Mon, Aug 15, 2011, Chang Lee wrote:
>
> > I appreciate the timely response. So it is as I suspected then.
> > PKSC_signatureVerify() is not digesti
etc...
It just needs to be interpreted as an OCTET STRING.
-Chang
On Mon, Aug 15, 2011 at 12:27 PM, Dr. Stephen Henson wrote:
> On Mon, Aug 15, 2011, Chang Lee wrote:
>
> > Has anyone been able to use PKCS7_verify(...) to verify a SignedData
> > signature with authenticated
ibute. This implementation would be wrong. Is this a bug or do have I
stayed up too long looking at this code.
I'm using 0.9.8r.
-Chang Lee
Can we use OpenSSL lib with Managed C++? Thanks.
http://openssl-net.sourceforge.net/
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.o
Ok. It's a Firefox Add-on:
https://www.eff.org/https-everywhere
Questions:
1) But: Why can't i find it on the offical Firefox Add-ons site?:
https://addons.mozilla.org/en-US/firefox/
Because you're looking in the wrong place. It is wrong to assume that
100% of XPIs are hosted at AMO. Most ar
t;) are not present. This causes
fipsld to fail, any suggestions appreciated.
Lee
--
On 10/12/2010 07:07 AM, rajesh kumar wrote:
Hi All,
i am very new to OpenSSL build ...
I have build the static build of FIPS Capable OpenSSL as mentioned in
user guide 1.2.
I have used following commands on
g about them in school.
Thanks.
Regards,
Lee
-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Steffen DETTMER
Sent: Monday, February 15, 2010 11:04 AM
To: openssl-users@openssl.org
Subject: Re: Thread locking functions
* Sad
On ubuntu 9.10 (karmic) I'm unable to connect to a wireless network
using PEAP/mschapv2. Looking at the syslog, it seems that OpenSSL
isn't recognizing the root CA:
Nov 18 09:37:35 my_laptop wpa_supplicant[1587]: CTRL-EVENT-EAP-METHOD
EAP vendor 0 method 25 (PEAP) selected
Nov 18 09:37:35 my
Hi,
I wanna ask something...
Im trying to add crypto algorithm into Openssl,
I heard about the engine(ccgost), and read the README.txt file, but I don't
understand
how to do it..
I wonder If I add my own algorithm, Do I just copy ccgost pattern? or have
to change
entire openssl core source??..
2009/10/14 Reid Thompson :
> On Tue, 2009-10-13 at 08:58 +0800, jaze lee wrote:
>> hello guys,
>> recently i use openssl to implement a identify scheme, i need the
>> hash function. But the sha1 can not meet my needs,
>> the message digest i want are 200 bits or
jaze-lee
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager majord
e note is " Add polynomials a and b and store result in r; r could
be a or b, a and b could be equeal;
r is the bitwise XOR of a and b ."
i want to know when the r is the xor of a and b.
>
> Cheers,
> --
> Mounir IDRASSI
> IDRIX
> http://www.idrix.fr
>
> jaze lee wro
2009/9/14 jaze lee :
> 2009/9/14 Mounir IDRASSI :
>> Hi,
>>
>> There is no explicit function for this but you can use the function
>> BN_GF2m_add to perform the XOR of two BIGNUMs : for GF2m polynomials,
>> the addition is a simple bitwise XOR.
> Thank you
list
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager majord...@openssl.org
I want to implement xor function of large number . I do not know
whether the similar function is already been implemented. If so, where
i can find it . And if not i have to try , thank you !
__
OpenSSL Project
EC_POINT *generator; //optional
38 BIGNUM order, cofactor;
Regards
jazz lee
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Auto
hello,
when i traced ecdsa_do_sign, i can not find the definition of
ECDSA_SIG_new(), anyone know where it is ? thank you
__
OpenSSL Project http://www.openssl.org
User Support Mailing List
hello,
If i want to use elliptic curve encryption algorithm, i have to
express my data into the point in the curve, Is there some good
methods
do this job well ?
Thank u.
__
OpenSSL Project ht
Hello,
Is there a function to implement the ecc encryption ? not ecc
signature. Thank you .
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@op
hello,
how we change the data we want to encode to the point in the
ecliptic ? thank you
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@opens
2009/6/7 Victor Duchovni :
> On Sun, Jun 07, 2009 at 09:51:14AM +0800, jaze lee wrote:
>
>> The problem is we can not find the function yet ? or some other ways
>> to judge a big integer whether it's a prime. Is it so-called
>> mathematics problem that many cipher b
2009/6/6 Michael S. Zick :
> On Sat June 6 2009, jaze lee wrote:
>>
>> i still not understand the problem. although i don''t get the result.
>>
>
> Q1: Why is this problem "hard" - as in: "computationally hard" ?
>
> A1
2009/6/6 Rustam Rakhimov :
> So if you are so brave try the example given before.
> Than you will feel reality.
may be you are wright, i try , but i can not get the result.
if a integer with m bits and another integer with n bits, if the
multiple , there product has m+n bits or m+n-1 bits.
2489114
2009/6/6 David Schwartz :
>
>> hello,
>> when i read some books about cryptography, it always go that the
>> cryptography is based on the difficult math problem, for example big
>> integer decomposition,
>> i don't understand it, for if we know that n = p*q , p, q are prime ,
>> why it's diff
if we know the big
integer and it is mul of two prime number. we can get prime number
and test whether p*q == n, why people say it 's a difficult problem?
may be my understanding is not right? someone who knows please tell me
, thank you very much
sinc
hello,
#include
2 int main() {
3 BIO * b;
4char buf[100] = "hello world \n";
5 b = BIO_new(BIO_s_file());
6 BIO_set_fp(b, stdout, BIO_NOCLOSE);
7 BIO_write(b, buf, sizeof(buf));
8 return 0;
9 }
after compile , and run, i can see the hello world
but if
hello,
If there is a large file, I want to use BIO_read to read it
to buff[4096] in a loop, but i found it start from the second loop,
BIO_read from the file begining. I use BIO_seek to solve it.
But it not work. Is there any good suggestion ? Thank you
_
Hi,
I've been going through a lot of articles about setting the timeout value of
the SSL session, however I still haven't got any clue to how to do it.
Could you be so kindly in giving me ideas to do this.
Many thanks,
Jack
_
Expr
verification of the PGP signature, and after
talking with PGP salespeople, PGP Professional will do the PGP
verification:
http://www.pgp.com/products/packages/desktop_pro/index.html
Though it does a lot more, but I only need the signature check.
Regards,
Lee
--
"There is nothing remarkable abo
I need (albeit it runs on a mainframe!) than the full PGP suite.
Thanks,
Lee
--
"There is nothing remarkable about it. All one has to do is press
the right keys at the right time and the computer programs itself."
(ala J.S. Bach)
Unless otherwise stated, any views presented in this e-mail
for ARM ?
Thank you very much.
Park Lee
Expecting? Get great news righ
You might check for "redefined" errors on this symbol.
I would tend to remove the rpm before installing a built version, but either way should work.
Regards,
Lee
On Sat, 2006-11-04 at 18:56 -0800, Ramtin wrote:
Hi everybody,
I had installed openssl as a rpm package (openssl-
ctx is automatically cleaned up after the
call.
Maybe this could be changed somehow?
Thanks again,
Lee
You need to call EVP_CIPHER_CTX_cleanup() to free up any memory associated
with the ctx.
---
"There is nothing remarkable about it. All one has to do is press the right
bio->references is also incremented.
Any thoughts on this would be appreciated,
Lee
P.S. Here is my source code:
#define EVP_ERR(_errVal) do { ret = _errVal; goto err; } while (0)
int
evpEncrypt(int keyIdx, BYTE *dstPtr, BYTE *srcPtr, int cryptLen, int *errCode)
{ // Call the OpenSSL encryption r
s the case.
Many thanks again to the group, especially Goetz and Peter!
Lee.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Goetz Babin-Ebell
Sent: 15 May 2006 21:20
To: openssl-users@openssl.org
Subject: Re: Multiple commonNames or using subjectAltNam
t name-cert.pem -config ./1openssl.cnf -infiles
name-req.pem
(Signs the certificate)
This seems to generate a valid certificate, but only works when the app
is run on Server1.myDomain.local, and not on Server2.myDomain.local.
Again, sorry this is a little long but I’m stuck!
Thanks again all.
Lee.
the correct way to do it?
Goetz, I will try your patch too, but I'd like to be able to do this
with a vanilla OpenSSL install.
Many thanks again people.
Lee.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:
nName = Common
Name (hostname, IP, or your name)
commonName_default =
*.DomainName.local
commonName_max = 64
but that doesn't work either. Can anyone help?
Thanks
Lee.
know? Hope
I was some help.
Thanks
Lee
From: owner-openssl-users@openssl.org [mailto:owner-openssl-users@openssl.org] On Behalf Of danny ng
Sent: 17 February 2006 06:54
To: openssl-users@openssl.org
Subject: how to generate Private
for Blowfish, CAST and rc4
Hi
here some other function I can call to determine if the connection
is TLS or SSL(v2|v3)?
-lee
I'm not losing sleep over it, I've accepted the fact that my server
needs to use methodv23() to be flexible. Just curious it that will ever
n
Perhaps I'm getting confused with what's reported.
I just noticed that SSLv3 gets reported even when I specify TLS methods
on the client and server. ie.
"cipher spec=AES256-SHA SSLv3 Kx=RSA Au=RSA
Enc=AES(256) Mac=SHA1"
Is this "really" SSLv3 or is it TLS?
Kyle Hamilto
rver that can handle
either SSL or TLS incoming connections? Or, if both ends support it,
negotiate to TLS?
TIA,
-lee
__
OpenSSL Project http://www.openssl.org
User Support Mailing List
e
saved me days of trawling through websites and the book.
Lee.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Kyle Hamilton
Sent: 08 February 2006 17:39
To: openssl-users@openssl.org
Subject: Re: Decryption question
If you're on Win32, just type up
d you mean manually code some soap
messages and pass them to s_client, to see what the server returns? No
problem doing this, but how do I get them into s_client?
Thanks again, you've been a lifesaver.
Lee.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Still a confusing explanation I know, but it's a confusing problem!
Hope this helps a little, many thanks in advance for anyone who trawled
through all this!
Lee Colclough
-Original Message-
[EMAIL PROTECTED] On Behalf Of Kyle Hamilton
Subject: Re: Decryption question
I'm
OpenSSL within
gSoap and can help, I can provide more specific detail.
Any ideas appreciated,
Lee Colclough
#7 0x08049499 in user_func1 () at x1.c:61
#8 0x08049289 in main () at x0.c:49
1) What is the valid way to successfully close SSL session?
2) What documents should I read for this problem?
3) Any ideas?
Thank you for your help.
--
Seongsu Lee - http://www.senux.com/ [Follow is a random
SSL_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA
I am waiting for comments. Thank you!
--
Seongsu Lee - http://www.senux.com/ [Follow is a random fortune]
"On a normal ascii line, the only safe condition to
detect is a 'BREAK' - everything else having been
assigned functions by Gnu EMACS."
Hi,all:
I am new to freeradius world. I am trying to setup EAP-TLS using freeradius server. Would you pls tell me which cisco access point is preferred for the EAP-TLS setup?
I have installed openssl-0.9.8 and freeradius-1.0.5 on Redhat 9.0. I tried several times to generate certificate b
out cert.pem -keyout key.pem -extensions usr_cert
>
Thanks Steve, I will give that a try.
Lee
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@ope
> You can do the whole thing in a single command by using the -x509
> option to
> 'req'. You might want to use alternative extensions though
> because that will
> use CA ones by default.
Could I impose upon
s for data. Is there a way that I can feed this data (passphrase,
State, City, common name, etc) to the command line through a text file or
such?
I've looked through the command line params docs, but didn't notice
anything.
Thank you for any help,
Test please ignore
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager [EMAIL PROT
te against?
Den 21. sep 2004, kl. 15:43, skrev Lee Baydush:
> You can't tell if it has been revoked. That's why they are 'trusted
> roots'. If you think your root ca has been compromised, that is when
> you usually hit the big red panic button and shut down the
You can't tell if it has been revoked. That's why they are 'trusted roots'. If you
think your root ca has been compromised, that is when you usually hit the big red
panic button and shut down the shop.
-Original Message-
From: Jon Bendtsen [mailto:[EMAIL PROTECTED]
Sent: Tuesday, Septe
--- Lee Baydush <[EMAIL PROTECTED]> escreveu:
Do you know are you trying to output to an input
only BIO? I assume you also checked the hbio!=NULL
and cert!=NULL?
>
> -Original Message-
> From: Marcos Paraiso
> [mailto:[EMAIL PROTECTED]
> Sent: Monday, September 20, 2004
Will somebody tell me how to add an OID and corresponding verification routine to
OpenSSL version 0.9.7c to verify a SHA-256 signature. Currently I am trapping the
X509_V_ERR_CERT_SIGNATURE_FAILURE and X509_V_ERR_CRL_SIGNATURE_FAILURE errors in my
verify callback routine, comparing the OID in t
Do you know are you trying to output to an input only BIO? I assume you also checked
the hbio!=NULL and cert!=NULL?
-Original Message-
From: Marcos Paraiso [mailto:[EMAIL PROTECTED]
Sent: Monday, September 20, 2004 9:08 AM
To: [EMAIL PROTECTED]
Subject: Problems with get_notAfter
Hi ev
Are you sure it *actually* worked? The function call will appear to succeed,
but win2K and above don't allow programs to set TOS anymore, unless you
fiddle with the registry to override the default behaviour.
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf
with an encrypted
string
and a password.
Any suggestions for this?
Thanks.
- Lee
To: [EMAIL PROTECTED]
Subject: Command-line and API differences
Date: Thu, 12 Feb 2004 20:06:31 -0500
I'm having a problem using the crypto api interface, and the openssl
command line
Here's my
ard. The standard has been modified, subject alt name
has been added and there is a wish to move such information to the new
extension. Until legacy applications are gone, it is wise to code this
information in both locations. Wouldn't you agree? That's exactly what
the CA I used has done.
-lee
smime.p7s
Description: S/MIME cryptographic signature
o the same with an openssl generated
certificate.
-lee
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of Michael Helm
> Sent: Tuesday, February 03, 2004 3:55 PM
> To: [EMAIL PROTECTED]
> Subject: Re: Creating certificates with more
t; <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, January 07, 2004 3:51 AM
Subject: Re: SSL_accept(), IE and simultaneous connections
Michael Lee wrote:
> In my multithreaded HTTPS server application running on Windows 2000,
> SSL_accept() occasionally returns -1
e
are many simultaneous connections from IE.
Michael Lee
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated Li
a workaround or should I use some special
options?
Michael Lee
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager
use that memory (as when you
call a system function), an error is reported.
As I said, can't speak for your setup, but that's what I found when I
tracked down similar issues on my setup.
-lee
__
OpenSSL Proj
for outlook to use it you need to pick another port, not
it's suggested 995, and setup qpopper "tls-support=alternate-port". Just
what I figured out, there may be better solutions.
-lee
smime.p7s
Description: S/MIME cryptographic signature
at was configured as a
non-inband negotiated TLS ("stls" terminology in qpopper) and pointed my MS
outlook people at it (with SSL enabled).
That is, if that is what you're trying to do...
-lee
__
OpenSSL Pro
.
Lee Pretorius
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
not as easy to protect yourself against. using honking big h/w
accelerators is one solution. I don't know of any s/w solutions.
-lee
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of Neil Humphreys
> Sent: Tuesday, August 19, 2003 2:2
> 3) Provide a better explanation of what's wrong and where.
You say you're using a ppc603? What speed?
My experience with a ppc603 at 133Mhz says an SSL_accept takes about 1.3
seconds, most of it at full throttle on the processor. If this is your
experience (scaled by your processor speed) and t
rt of writing his own verify code (a fairly
major effort to get right) I worry that this will discourage using the crl
checking features and we end up poorer off, security wise.
just my thoughts.
regards,
-lee
__
OpenSSL Project
1 - 100 of 181 matches
Mail list logo
