Hello,
I got an application that establishes an TLS connection for communication.
While the communication works, I run into a memory leak that originates from
CRYPTO_malloc. I tried to search for proper OpenSSL shutdown and related
issues, but my tries did not affect the leak. Here is the ASAN
Hi, I was wondering if you could either send me or point me in the right
direction to a help file directed towards using the openssl dlls' in
practical ftp situations involving ssl and tls. I'm not sure really where
to start, but I know that I need to know what functions to call from the
dlls, and
On Tue, Jan 22, 2008 at 09:34:01PM +1100, Josh Royal wrote:
> I would like to know if it is possible to generate a certificate in which I
> can change the certificate bit eg. Make a certificate which are 40 bits, 128
> bits (which I can do) or 256 bits which is what I would like to. I also know
I would like to know if it is possible to generate a certificate in which I can
change the certificate bit eg. Make a certificate which are 40 bits, 128 bits
(which I can do) or 256 bits which is what I would like to. I also know how to
make a private key with different bits so you don't need to
Greetings, I am bit new to this. So if someone can help, I will be
grateful.
I
downloaded because OpenSSL because I am trying to get define a htttp port on
Tomcat. To do so I seem to need a keystore file. Searching on
keystore led me to OpenSSL. Following some instructions I found,
I
Here are answer's to some of your questions:
1. OpenSsl supports the X509 v3 certificate format which is used by IPSEC. So certificates generated by OpenSsl can be used for IPSEC.
2. OpenSsl has support for cut and paste mechanism (you mean PKCS10/PKCS7!). Look at apps/req.c (generation of PKCS
Hello,
I'm new to the OpenSSL community. Please help to clarify my following questions.
1) Can OpneSSL be used for IPsec certificate?
2) Does OpenSSL provide APIs to support the Cut-and-Paste certificate enrollment
for the IPsec certificate with the non-OpenSSL CAs/PKIs, e.g. VeriSign
Hi, all:
I have got a Certificate from Third Party Trusted CA.
Can I use openssl to sign my own certificate, that is, to create my own certificate? I want to be a next level CA, can I?
Thank you.
rtmDo You Yahoo!?
µ½ÑÅ»¢µ÷²éÖÐÐÄ·¢±íÄúµÄÒâ¼û¡£
chhar
Gesendet: Montag, 28. August 2000 10:57
An: [EMAIL PROTECTED]
Betreff: openssl usage
Hi,
We (Intelesoft Technologies Ltd.) are a software development company in
india.
We are providing software solutions to both indian as well as
intenational clients.
We are implementing e-commerce for few o
Hi,
We (Intelesoft Technologies Ltd.) are a software development company in
india.
We are providing software solutions to both indian as well as
intenational clients.
We are implementing e-commerce for few of our clients.
The project is being developed using Apache webserver version 1.3.12.
Now
OpenSSL
after all?
Nicolas Roumiantzeff.
-Message d'origine-
De : Claudio M. Horvilleur Mtz. <[EMAIL PROTECTED]>
À : [EMAIL PROTECTED] <[EMAIL PROTECTED]>
Date : vendredi 26 novembre 1999 04:15
Objet : Re: OpenSSL usage liability.
>Not exactly right, the US are changing
Not exactly right, the US are changing the export law, but
we do
need to ask for a permit if the end user is a part of a
goverment
agency.
And as I understand, only 'retail' products can be exported.
That means
no SOURCES and no libraries, only aplications that use
cryptography.
By the new rules
>
>>Date: Thursday, November 18, 1999 1:55 AM
>>Subject: Re: OpenSSL usage liability.
>>
>>
>> >At 05:59 PM 11/17/99 , you wrote:
>>
>> >
>> >Another option - puchase the RedHat secure server for $149, and throw it
>>away (retaining t
, but my suggestion is
that they should be taken seriously; that's all. I think that's reasonable.
Dave Neuer
Software Engineer
Futuristics Labs, Inc.
www.futuristics.net
-Original Message-
From: Leland V. Lammert <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
Dat
lt;[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
>Date: Thursday, November 18, 1999 1:55 AM
>Subject: Re: OpenSSL usage liability.
>
>
> >At 05:59 PM 11/17/99 , you wrote:
>
> >
> >Another option - puchase the RedHat secure server for $149
> From: Richard Levitte - VMS Whacker [mailto:[EMAIL PROTECTED]]
> Sent: Friday, November 19, 1999 1:33 AM
> To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
> Subject: RE: OpenSSL usage liability.
>
>
> dimrub> Sorry for being insufficiently explicit. The company in
Swiss
&g
o tools TO the US, just not export to the rest of the world
FROM the US.) ideas? clue?
thanks!
- Original Message -
From: Geoff Thorpe <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, November 17, 1999 5:05 AM
Subject: RE: OpenSSL usage liability.
> Hi there
Hi there,
On Wed, 17 Nov 1999 [EMAIL PROTECTED] wrote:
> > Will the US
> > gov. bust us
> > since encrypted communications will be going across it's
> > borders?
>
> No, as long as you use exportable ciphersuites (see one of the
> apendixes of the SSL spec for a list of those). That is, you lim
Hi!
Here are my 2c, not guaranteed to be 100% true. Just some previous
expirience.
> From: K [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, November 16, 1999 5:28 PM
> To: [EMAIL PROTECTED]
> Subject: OpenSSL usage liability.
>
>
> Greetings,
>
> I am an SSL newbie so p
Greetings,
I am an SSL newbie so please forgive.
We are a small Swiss hosting company with our servers co-located in the US.
We want to start up another server in Switzerland, and have them communicate
securely through SSL using openSSL. What are the implications since we will
be using openSSL o
When a patent expires, it ceases to be enforceable, period.
-Original Message-
From: Eric Norman <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
Date: Thursday, April 29, 1999 5:35 PM
Subject: Re: RSA licensing for OpenSSL usage?
>>> This may or may
On Wed, 28 Apr 1999, Eric Norman wrote:
>
>
> > The relevant patent is the one on the RSA cryptography algorithm.
> > It expires in September 2000. It is in the US only. Outside the US,
> > the algorithm is not patented.
>
> Just make sure you understand what you can and cannot do in a few
>
Paul Rubin <[EMAIL PROTECTED]> wrote:
> My understanding is:
>
> 1) RSAREF is only licensed to be used for non-commercial purposes.
> Setting up a web retail site with it, for example, is not permitted.
The license was posted here a few weeks ago. It does allow some
commercial use. My read (IA
> The relevant patent is the one on the RSA cryptography algorithm.
> It expires in September 2000. It is in the US only. Outside the US,
> the algorithm is not patented.
Just make sure you understand what you can and cannot do in a few
months when the RSA patent expires.
What you can do is w
In Canada, my understanding is that you are in the best of possible
worlds. You don't have to worry about US export regulations, people
in the US can export to you without worrying about the regulations,
and RSA is unpatented so you don't have to deal with RSA Corp.
__
Is there anyone who can also share an experience of working
with BSAFE? How it is compared to OpenSSL? I do not mind
using BSAFE if it is reasonable. Anyway we have to pay...
Oh I think you are thinking of RSA's new SSL product, called BSAFE/SSL
or something like that.
Does anyone know the nature of the patents? When will they expire?
The relevant patent is the one on the RSA cryptography algorithm.
It expires in September 2000. It is in the US only. Outside the US,
the algorithm is not patented.
__
1. If you buy Raven, you're allowed to use it without buying further
licenses for anything. Raven has already licensed BSAFE or made other
such arrangements with RSA. The cost of the RSA license is included
in what you pay to Covalent for Raven.
2. My understanding of BSAFE is that it's a subro
September 2000, apparently.
--
"It is better to ask some of the questions
than to know all of the answers."
--James Thurber
__
OpenSSL Project http://www
-Original Message-
From: olga <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>; [EMAIL PROTECTED]
<[EMAIL PROTECTED]>; [EMAIL PROTECTED] <[EMAIL PROTECTED]>
Date: Tuesday, April 27, 1999 4:31 PM
Subject: Re: RSA licensing for OpenSSL usage?
>
The patents for the RSA algorithms expire in September of 2000.
Dave Neuer
-Original Message-
From: Ross Foard <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
Date: Tuesday, April 27, 1999 4:02 PM
Subject: Re: RSA licensing for OpenSSL usage?
>Does anyone
Olga,
The Raven SSL module includes an RSA license to use for commercial
applications.
-Randy
> Ross,
>
> On 27-Apr-99 Ross Foard wrote:
> > Olga,
> >
> > Did you get any responses to this question? Because of
> the unclear (to me)
> > nature of the RSA licensing I am using an evaluation of
>
Now that you mention Canada . . .
I tried asking RSA sales (and you can just guess the response)
and I tried asking on the mod_ssl list, but no one responded. So,
since you mentioned Canada, what is the legal requirement there
(which is where I and my little company are). Of course, adding
to th
Ross,
On 27-Apr-99 Ross Foard wrote:
> Olga,
>
> Did you get any responses to this question? Because of the unclear (to me)
> nature of the RSA licensing I am using an evaluation of Covalent Raven while
> try
> to understand the licensing issues. In the past I have always used Netscape
^^
> replacing their implementation with another one (such as OpenSSL).
>Is that what is normally done? It is easiest since my OpenSSL version is
>working. But is that legal?
Yes it is what is normally done. Your best way to answe
Hi,
First of all thank you all for answering my question!
On 27-Apr-99 Salz, Rich wrote:
>> The RSA person
>> I was talking to says that they can not sell the license for RSA usage
>> with an OpenSSL and that we have to buy their BSAFE product. Does it mean
> that
>> BSAFE was bought (and used??
Does anyone know the nature of the patents? When will they expire?
"Salz, Rich" wrote:
> > The RSA person
> > I was talking to says that they can not sell the license for RSA usage
> > with an OpenSSL and that we have to buy their BSAFE product. Does it mean
> that
> > BSAFE was bought (and us
Look back over the past few weeks; the reason that no one has responded
is (IMHO) they are all legalese'd out. RSA has done their dead-level
best to make the license issue as confusing as possible and has
apparently succeeded.
The ideal solution is to move to Canada...
--
"We all enter thi
My understanding is:
1) RSAREF is only licensed to be used for non-commercial purposes.
Setting up a web retail site with it, for example, is not permitted.
RSAREF as normally distributed is also extremely slow.
2) BSAFE is a library that you can use instead of RSAREF and
commercial use is OK.
On Tue, Apr 27, 1999 at 08:53:03AM -0500, Ross Foard wrote:
> Olga,
>
> Did you get any responses to this question? Because of the unclear
> (to me) nature of the RSA licensing I am using an evaluation of
> Covalent Raven while try to understand the licensing issues. In the
> past I have alway
> The RSA person
> I was talking to says that they can not sell the license for RSA usage
> with an OpenSSL and that we have to buy their BSAFE product. Does it mean
that
> BSAFE was bought (and used???) for all existing commercial products that
use
> OpenSSL instead of just buying a license for R
Olga,
Did you get any responses to this question? Because of the unclear (to me)
nature of the RSA licensing I am using an evaluation of Covalent Raven while try
to understand the licensing issues. In the past I have always used Netscape
Products for our secure server needs, but the customer r
Hi,
I am using an openssl in the commercial product. As we should get license for
using RSA we were talking with RSA about the terms of licensing. The RSA person
I was talking to says that they can not sell the license for RSA usage
with an OpenSSL and that we have to buy their BSAFE product. Doe
>
> >US is far away from OpenSSL, and will probably remain that way for
> >some time, unless the US export law changes radically.
>
>
> You mean next month (Dec 15, 1999).
>
U.S. law is not going to change radically on Dec. 15. There will
still be a one time review of exported binaries. Exp
Nicolas Roumiantzeff wrote:
>
> >US is far away from OpenSSL, and will probably remain that way for
> >some time, unless the US export law changes radically.
>
> You mean next month (Dec 15, 1999).
No. The theory is that there will be no change for source export.
Cheers,
Ben.
--
http://www.a
>US is far away from OpenSSL, and will probably remain that way for
>some time, unless the US export law changes radically.
You mean next month (Dec 15, 1999).
Nicolas Roumiantzeff.
__
OpenSSL Project
> > From: Geoff Thorpe [mailto:[EMAIL PROTECTED]]
> > The strength of the cryptography being *used* across the
> > border should not
> > matter. Someone in the US can talk to my webserver at 128-bit
> > crypto (and
> > vice versa) if they want and are not guilty of exporting
> > crypto. If they
>
On Thu, Nov 18, 1999 at 10:39:10AM -0500, Dave Neuer wrote:
> >Another option - puchase the RedHat secure server for $149, and throw it
> away (retaining the license, of course). That way, you WOULD be legal with
> openssl.
> >
>
> [...]
> I feel I must repeat, "I AM NOT A LAWYER." However, I'd
imply avoid RSA.
On Thu, 18 Nov 1999 10:39:10 -0500, Dave Neuer wrote:
>-Original Message-
>From: Leland V. Lammert <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
>Date: Thursday, November 18, 1999 1:55 AM
>Subject: Re: OpenSSL usage liabili
dimrub> Sorry for being insufficiently explicit. The company in Swiss
dimrub> is going to have problems with US gov. not because they use
dimrub> encryption over the border, but because they use in Swiss
dimrub> software that does strong encryption that was developed in
dimrub> US. Namely - OpenSS
> thank you geoff, that was enlightening.
>
> what about the fact that we are a swiss company? we remotely
> admin our boxes
> and so obviously we will send this 'tool' to our server from
> switzerland. is
> that legal? (i think it might be because i thought i heard
> somewhere it was
> ok to send
> From: Geoff Thorpe [mailto:[EMAIL PROTECTED]]
> The strength of the cryptography being *used* across the
> border should not
> matter. Someone in the US can talk to my webserver at 128-bit
> crypto (and
> vice versa) if they want and are not guilty of exporting
> crypto. If they
> try to send me
-Original Message-
From: Leland V. Lammert <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
Date: Thursday, November 18, 1999 1:55 AM
Subject: Re: OpenSSL usage liability.
>At 05:59 PM 11/17/99 , you wrote:
>
>Another option - puchase the RedHat secure
Steve Freitas writes:
> >Another option - puchase the RedHat secure server for $149, and throw it
> >away (retaining the license, of course). That way, you WOULD be legal with
> >openssl.
>
> I'd like to do that, but I've never seen an authoritative statement which
> would legally qualify this
7, 1999 10:53 PM
To: [EMAIL PROTECTED]
Subject: Re: OpenSSL usage liability.
are your sure the license that comes with the red hat secure server applies
to any rsa technology in use (ie software other than red hats). there is the
possibility rsa would give the license under the terms that it only
Hi,
On Wed, 17 Nov 1999, K wrote:
> thank you geoff, that was enlightening.
really?? oh ... :-)
> what about the fact that we are a swiss company? we remotely admin our boxes
> and so obviously we will send this 'tool' to our server from switzerland. is
> that legal? (i think it might be becau
56 matches
Mail list logo
