Re: [openssl-users] FIPS certification for openssl

2017-12-04 Thread Michael Wojcik
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf > Of Salz, Rich via openssl-users > Sent: Saturday, December 02, 2017 11:42 > > >My personal priority list for OpenSSL is bug fixes and code cleanup > > (static > > and dynamic analysis of the 1.1.x codebase would be g

Re: [openssl-users] FIPS certification for openssl

2017-12-02 Thread Jordan Brown
On 12/2/2017 6:35 AM, Michael Wojcik wrote: > My personal priority list for OpenSSL is bug fixes and code cleanup > (static and dynamic analysis of the 1.1.x codebase would be good, and > one of these days I'll get around to doing it myself), and continuing > the TLSv1.3 implementation until that s

Re: [openssl-users] FIPS certification for openssl

2017-12-02 Thread Salz, Rich via openssl-users
> My personal priority list for OpenSSL is bug fixes and code cleanup > (static and dynamic analysis of the 1.1.x codebase would be good, and one of > these days I'll get around to doing it myself), We do run Coverity weekly, and anyone can sign up to see the results BTW -- openssl-users m

Re: [openssl-users] FIPS certification for openssl

2017-12-02 Thread Michael Wojcik
> From: Jordan Brown [mailto:open...@jordan.maileater.net] > Sent: Friday, December 01, 2017 19:48 > On 12/1/2017 2:57 PM, Michael Wojcik wrote: > > Of course, anyone's free to write their own API on top of what OpenSSL > > provides, and even make a pull request to > > contribute it to the proj

Re: [openssl-users] FIPS certification for openssl

2017-12-01 Thread debbie10t
Hi there, long time lurker .. This sort of thing is a Remarkably Unique Occasion ... Personally, I do subscribe here for genuine, up to date, informative and even humorous (on occasion) information. I do not expect this to be the sole source of my knowledge. But .. I did learn of the impendin

Re: [openssl-users] FIPS certification for openssl

2017-12-01 Thread Jordan Brown
On 12/1/2017 2:57 PM, Michael Wojcik wrote: >> Yes, compatibility is a concern.  So make the "default to secure" options be >> new functions. > That's certainly better than what you proposed in your previous messages. Sorry, I wasn't trying to propose any particular concrete interfaces.  I was tr

Re: [openssl-users] FIPS certification for openssl

2017-12-01 Thread Michael Wojcik
> From: Jordan Brown [mailto:open...@jordan.maileater.net] > Sent: Friday, December 01, 2017 17:18 > On 11/30/2017 5:41 AM, Michael Wojcik wrote: > > There are a great many OpenSSL consumers. Making radical changes to the > > default behavior of the API would break > > many applications - and

Re: [openssl-users] FIPS certification for openssl

2017-12-01 Thread Jordan Brown
On 11/30/2017 5:41 AM, Michael Wojcik wrote: > There are a great many OpenSSL consumers. Making radical changes to the > default behavior of the API would break many applications - and so it's > likely those applications would stop updating their OpenSSL builds. Yes, compatibility is a concern. 

Re: [openssl-users] FIPS certification for openssl

2017-11-30 Thread Michael Wojcik
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of > Jordan Brown > Sent: Thursday, November 30, 2017 00:34 > On 11/29/2017 6:13 PM, Salz, Rich via openssl-users wrote: > > I agree with you, but a problem is that “safe and secure” changes over time > > when new  crypto

Re: [openssl-users] FIPS certification for openssl

2017-11-29 Thread Jordan Brown
On 11/29/2017 6:13 PM, Salz, Rich via openssl-users wrote: > I agree with you, but a problem is that “safe and secure” changes over > time when new  crypto and other new features are added. And then users > get upset when their connections no longer work. Agreed, that's a tough trade-off. Still,

Re: [openssl-users] FIPS certification for openssl

2017-11-29 Thread Salz, Rich via openssl-users
> My number one complaint is that it seems like the defaults are generally set > up to do the wrong things, and the application has to either explicitly set > "yes, you should be secure" options or do stuff on its own. This seems to > have been getting better - gaining hostname validation, for

Re: [openssl-users] FIPS certification for openssl

2017-11-29 Thread Jordan Brown
On 11/29/2017 8:53 AM, Salz, Rich via openssl-users wrote: > I am biased, but I believe the project is better, by almost any > metric, than it used to be. If you have specific suggestions for how > you think it could be improved, it would be great to see them. My number one complaint is that it

Re: [openssl-users] FIPS certification for openssl

2017-11-29 Thread Salz, Rich via openssl-users
> It probably wouldn't hurt to post something to the lists when there's a blog post with news like this - items that subscribers would likely feel is important. Blog posts like the recent "OpenSSL in China" series probably don't need to be mentioned on the lists. But it's subjective, and I woul

Re: [openssl-users] FIPS certification for openssl

2017-11-29 Thread Michael Wojcik
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf > Of Salz, Rich via openssl-users > Sent: Wednesday, November 29, 2017 11:54 > To: openssl-users@openssl.org > Subject: Re: [openssl-users] FIPS certification for openssl > [I wrote:] > > That sa

Re: [openssl-users] FIPS certification for openssl

2017-11-29 Thread Mark Minnoch
If you need a FIPS resource for the OpenSSL FIPS Object Module -- my business partner (Steve Weymann) and I worked with Steve Marquess when we were at a FIPS Testing Lab to achieve the FIPS 140-2 Cert. #1747 for the OpenSSL FIPS Object Module. We are now helping technology companies that need FIPS

Re: [openssl-users] FIPS certification for openssl

2017-11-29 Thread Salz, Rich via openssl-users
> That said, it wouldn't hurt for the OMC to post a message to the list stating > that business will continue as planned, since two very key figures have left > the project. I have two reactions, just my personal view. First, it’s premature to say anything, we’re still figuring things out. Sec

Re: [openssl-users] FIPS certification for openssl

2017-11-29 Thread Jakob Bohm
On 29/11/2017 14:58, Michael Wojcik wrote: From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of Sandeep Umesh Sent: Wednesday, November 29, 2017 07:30 To: openssl-users@openssl.org; i...@openssl.org As per this blog: https://www.openssl.org/blog/blog/2017/10/27/steve-marqu

Re: [openssl-users] FIPS certification for openssl

2017-11-29 Thread Salz, Rich via openssl-users
Subject: [openssl-users] FIPS certification for openssl Hello As per this blog: https://www.openssl.org/blog/blog/2017/10/27/steve-marquess/

Re: [openssl-users] FIPS certification for openssl

2017-11-29 Thread Michael Wojcik
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of > Sandeep Umesh > Sent: Wednesday, November 29, 2017 07:30 > To: openssl-users@openssl.org; i...@openssl.org > As per this blog: > https://www.openssl.org/blog/blog/2017/10/27/steve-marquess/ Thanks for pointing that o

[openssl-users] FIPS certification for openssl

2017-11-29 Thread Sandeep Umesh
Hello As per this blog: https://www.openssl.org/blog/blog/2017/10/27/steve-marquess/ Steve who is instrumental in handling FIPS certification for openssl object module is no more associated with OSF. How can we proceed for future FIPS certification? Is there any other contact person to perform