On Thu, Nov 15, 2012 at 09:52:49AM -0500, Sanford Staab(Gmail) wrote:
> In the case of openssl, a big gain would be to simply document the command
> line interface better and create a doc centric forum for people to add their
> lessons learned filed around the particular feature area of openssl.
I beg to differ and this is one reason I am not very active.
Several years ago I contributed a function to determine endianess. I had done
it years and years before so it was quite simple for me. I took the time to
put documentation in the function. Also I am a professional consulting
progr
I don't at this point own an android and I am thinking of getting one. I'd
like to ask of the environment. Will I need to root it? I expect the answer
is yes and I'll have to install all the development tools as well. Its there a
website which provides instructions.
Next what of cross comp
I would want to double check this. The APACHE docs found here state the
following:
http://httpd.apache.org/docs/2.0/ssl/ssl_faq.html
"How do I get SSL compression working?
Although SSL compression negotiation was defined in the specification of SSLv2
and TLS, it took until May 2004 for RFC 37
I wom't do windows When I get paid back then I might. I have three (3)
unopened copies of NT 4.0 and I take it personally since it personally came
from my bank account. Besides which you should not be soliciting in this
channel.
On Tue, Dec 06, 2011 at 05:06:52PM -0800, barbara.purringto
Very good!
I can write a little code to do that!
Thanx
On Thu, Aug 25, 2011 at 05:24:14PM -0400, Crypto Sal wrote:
> You typically import certs through the Firefox certificate manager found
> via "Edit -> Preferences -> Adv. -> Encryption -> View Certificates". It
> should be self explanatory
Web broker.
Also they seem to have broken their web site in other ways.
I just hate it when they figure they should reprogram my browser so I can't
right click on a link and open in a new window. I do run multiple monitors and
its nice to put a press release on one monitor and another press
Good idea.
Ya. I know. But what percentage of the computers the bank deals with are
filled with malware?
On Thu, Aug 25, 2011 at 04:06:02PM -0500, Michael S. Zick wrote:
> On Thu August 25 2011, t...@terralogic.net wrote:
> > Sorry
> >
> > http://www.tdwaterhouse.ca/
> >
> > Its my old ce
I know the theory. I'm also a programmer. I just never bothered to install a
root cert before. But I do know how to make them.
I'll dig around in FireFox and see where it is and how its done.
As for the bank. We build it and they break it. Not my fault.
On Thu, Aug 25, 2011 at 01:51:01P
Sorry
http://www.tdwaterhouse.ca/
Its my old cert chain which is broken. I jsut want to go to them and ask them
to supply the root cert so I can install it and get rid of the error message
which Firefox generates because I can't find the root cert.
On Thu, Aug 25, 2011 at 04:44:07PM -0400, C
I already know its my certificate store. I only asked how to load in their
noew root cert
On Thu, Aug 25, 2011 at 01:09:20PM -0700, Craig White wrote:
> Go to an entirely different computer and try accessing - you will know if
> it's your computer or their certificates.
>
> If it's your compu
TDWaterhouse In Canada. I'm in Calgary. THose idjots tell me to reboot my
computer when their Apache servers in TO send me a misconfiguration message. I
told them yesterday we build it and you break it. Something is desperatly
wrong.
On Thu, Aug 25, 2011 at 02:10:11PM -0400, Crypto Sal wr
I know you are trying to help. But it doesn't help me to defer to a package
manager because I'm trying to fix what the last package managers screwed up.
On Thu, Aug 25, 2011 at 04:09:44AM -0500, Michael S. Zick wrote:
> On Wed August 24 2011, t...@terralogic.net wrote:
> >
>
> Top posting to a
I see my bank has an invalid cert. Likely I have an old cert chain. I'm
running Debian Linux and firefox.
Can anyone tell me where to install a valid root cert? Like what directory? I
would think the bank should be able to provide the root of the chain. I'll
need to know SPECICALLY what to
Bob,
Just a little more explanation here. Suppose we have a bunch of structures
allocted into the pages of memory and a connection goes sour and is timing out.
Suppose our server is under substantial memory pressure. In a situation like
this if _any_ structure on any active connection happen
I have suggested this before. Write your own memtools.
http://www.terralogic.net/developer/developer.html
I tossed up a couple poor boy examples.
Note the calls:
struct pfa_ControlBlock chain1 = { ipfa_ControlBlock }
, chain2 = { ipfa_ControlBlock };
pfa_Init( &chain1,
I've not looked at the OpenSSL code for a few years now. Last time I looked
the only way to do things was via a "BIO" and the BIO functions did the crypto.
This is totally inappropriate for many server designs.
I would like to ask if the crypto/bio functions have been factored apart so
the
Right. With server auth you elimate the weakenss I was thinking about a few
years back. As was pointed out I didn't check for html.
On Wed, Oct 03, 2007 at 03:55:21PM -0700, Michael Sierchio wrote:
> [EMAIL PROTECTED] wrote:
> > I'd like to ask the group about a possible man in the middle att
Thank you very much!
I never realised there was even an html attachment! I use mutt and never
looked for it. Of course I know why I use mutt and this is one of the reasons
why.
Since I never looked at the html I never saw the bogus address. How cute eh!
These financial instutions have a maj
Go with OpenSSL
On Thu, Apr 27, 2006 at 03:39:47AM -0700, Wakatou (sent by Nabble.com) wrote:
>
> Hello,
>
> My commercial company needs to secure its databases and file transmissions.
> We need to reassure the client that our site and his datas are secured on
> our application. Therefore, we ne
Why don't you spin through the file in the two machines and determine if they
are (1) the eact same length and (2) if their contents match.
While I have not been doing openssl programming for a while I am a programmer
and that would the 1st thing I'd check. You should look for byte ordering as
I'll toss in my 2 cents and perhaps say something either stupid or obvious.
That is that if you have a number of say 1024 bits then you can compute the
cube root in 1024/3 operations where each operation in z^3. I do not know why
you need the number and I do not know if this is an acceptable c
Why is this message 38K?
On Tue, Jun 14, 2005 at 04:55:01PM +0530, Madhu Sudhan Reddy wrote:
>
>
>
>
> Hello All,
>
>
>
> I have the requirement to sign the data in CMS format. I
> used PKCS7_sign function , which outputs data in PKCS#7 format.
>
>
>
> After creating s
It depends what you mean by small. A good idea would be to see of a 200 mHz P1
will do the job.
Next - if you can forward your results to me I'd be very interested.
Depending what you are serving a power power processor like this should be able
to keep a T1 full. But this will depend on the m
Usually I lurk but I can offer some suggestions.
1) it will depend on the hosting company
2) certs are the same. The issue is that windows knows about certs from
companies like verisign and does know know about anything you generate yourself
- however technically they are the same.
3) Technic
I would be interested in looking at what you did. I and others in the past have run
into issues with the way OpenSSL does server side I/O. Perhaps this will be part of a
solution.
Please advise how I can get the code. [EMAIL PROTECTED]
Thanx
On Thu, Jan 09, 2003 at 02:07:03PM -0500, Sidney
check ldconfig
On Mon, Jun 24, 2002 at 01:10:08PM -0700, Hendrick Chan wrote:
> Michael,
>
> You missed the libexec that mentioned in the example of httpd.conf:
>
> LoadModule foo_module libexec/mod_foo.so
>
> Michael Piskol wrote:
>
> > Hello,
> >
> > I'm currently working on installing Open
I sort of agree with the sentiments expressed by Shalendra Chhabra. The value added
by M$ or verisign is questionable. I would rather I could pop over to my local bank
and get a cert. They know me and I trust them. I do not trust Verisign.
I have said this before in this group and I will re
You can do it on a linux box and the only drawback that I can think of is that people
will simply need to accept your certificate. If you check out equifax I think you
will find that they also are a CA and you may want to check around for alternatives to
Verisign.
On Mon, Feb 04, 2002 at
On Tue, Oct 23, 2001 at 04:37:53AM -0600, [EMAIL PROTECTED] wrote:
I did include a note and its gone so I'll resend it. I figured out what happened. I
use Mutt so these viruses won't affect me... and as I was including the attachment I
got the wrong file... so I postponed the message and got
www.gnu.org documents valloc as follows:
Function: void * valloc (size_t size)
Using valloc is like using memalign and passing the page size as the value of the
second argument. It is implemented like
this:
void *
valloc (size_t size)
{
return memalign (getpa
Maybe this will work - setting the reply to back to the originator.
Those boobs were bouncing mail to the "repy to" instead of return path - then they
blame everyone but themselves. At least if we set the reply to back to the originator
their mail server could have flooded itself - haha.
I
DUe to a malformed lib.so it didn't work. in apache_1.3.14+openssl_1.42 it appears
the apxs script gets broken.
I have it running now.
I also have a sample script from a friend who helped me and I'll start going thru ot
tomorrow.
... still don't know why apxs broke. I'll look into that to
Raymond.
We may be doing similar things and it may be useful to sahre knowledge.
On Wed, Feb 07, 2001 at 09:08:16AM +0100, Elisee NGAN TAMBA wrote:
>
> Go to http://www.openca.org
>
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of LI CHEUK F
This has me stumped. Do libraries cache or something? I went through this at least
10 times and used a bash script to do it all - same session even - and suddenly it is
runnning. I was damn careful to try to reporoduce EXACTLY what I did before.
Perhaps there is somthing in the make install
There seem to be a problem with ./config shared in openssl-0.9.6 that occurs
completely independantly of apache. Os=RH6.1
The problem I am running into seems to be an apache-ssl problem so I ask the pure
openssl people to ignore that part of the email.
This is weird. I _had_ it all working
Micheal, thankyou. I did find it under "more info". This sure is not obvious mind
you... thanx for the clarification.
On Sun, Feb 04, 2001 at 06:08:20PM +0100, Michael Ströder wrote:
> [EMAIL PROTECTED] wrote:
> >
> > I created a cert with the host name known as www.evilempire.com
> > and ne
First off - I am new to this and I'm learning. I do not claim to know very much about
it and asked the question in openssl-dev because it seemed to me that if the DNS is
highjacked that the transaction can be masqueraded.
I did a test with Netscape 4.07. This browser is not terribly old.
I c
OK - I think I found it.
For anyone trying to configure this there are aome pointers.
1) The httpsd.conf file found in the apache directory, typically in
/usr/local/apache_1.3.14/conf is not used. The server instead looks for
httpd.conf. You can grab the one Ben Laurie created and mofify it
I'm having a problem getting apache and openssl 0.9.6 running. I'm getting the
following message.
[Sat Feb 3 18:40:27 2001] [notice] Apache/1.3.14 Ben-SSL/1.42 (Unix) configured --
resuming normal operations
[Sat Feb 3 18:40:27 2001] [info] Server built: Feb 3 2001 18:40:04
[Sat Feb 3
Yes - send them a bill. I think there were about 200 messages and they impacted over
100 people so that is about 20,000 messages. Management will not even HEAR about it
unless you call accounts payable. SO call accounts payable and ask for the billing
address... they you can be sure that ma
IMHO you should tell your 3rd party to use SSH and you need to do a little "educating"
in your organisation.
On Wed, Nov 08, 2000 at 02:56:05PM +, Ian Diddams wrote:
>
> I've been tasked into investigating a link a 3rd party may be making to our
> servers shortly over SSL.
>
> I've downloa
IMHO this is quite relevant. If you don't want people to comment on the
spam then how about you show leadership here.
There probably is a way - perhaps a direct tap into orbs - BUT that would
affect us more than them. See - if they ISP the emails are originating
from is in say ORBS then all mai
From:
"raffa aste" <[EMAIL PROTECTED]>
There has been more than a little spam running through this list. Is
there some way we can block the hosts?
I'm thinking a link to orbs may be in order - or perhaps contact the relay
admin and / or the ISP that these jerks connect to.
I realise this migh
You don't play poker do you. There is not way that RSA has any claim to
openSSL at all and outside of the US they have no claim to patent
protection either. Of course, if you were a salesman sitting behind an
RSA desk and you had someone dumb enough to ask - what do you think the
response will b
ok - I just read part of the paper. I'm not a cryptographer but I am a
mathemetician and here are some trivial conclusions.
the algorithm is looking for a number: N where N=p*q for two primes p and
q of relatively the same size.
If you look at the _original_ equations developed by Pohlig-Hellm
OpenSSL so far is patent free and probably will remain generally so unless
some hotshot chooses to try to patent something which has already been
done - but they don't know about. This has happened - I have examples.
RSA's stuff is patented in the US only and it expires as you say in Sept.
Thus
You missed my point. Read on...
> b) Certificates authenticate that the person is who they say they
> are.
>
> Trust goes to trusting that second statement, not the trustworthiness
> of the company behind the statement.
>
People in general presume that when they see the little key th
I looked closely into purchasing a cert from Thawte and it is still
something WE'll have to do. What strikes me though is that it seems to me
that there is no real value in such a thing.
I can for instance incorporate a company and shell out about $200 and get
my cert. After that everyone trust
49 matches
Mail list logo
