Hello,
> >> Many applications generate a static one, can the same exact key be
> >> re-used without any security considerations for unrelated sessions ?
> >>
> >> Should a highly secure application generate a new one for every connection?
> > In this case (export restriction) generating RSA 512 bi
Marek Marcola wrote:
Many applications generate a static one, can the same exact key be
re-used without any security considerations for unrelated sessions ?
Should a highly secure application generate a new one for every connection?
In this case (export restriction) generating RSA 512 bit key
Hello,
> > SSL protocol differs in server_key_exchange packet
> > (with may be used not only for export restriction).
> > This requires temporary RSA key in context.
> > If you add to server initialization routine something like:
> > RSA *rsa;
> > rsa=RSA_generate_key(512,RSA_F4,NULL,NULL);
Marek Marcola wrote:
SSL protocol differs in server_key_exchange packet
(with may be used not only for export restriction).
This requires temporary RSA key in context.
If you add to server initialization routine something like:
RSA *rsa;
rsa=RSA_generate_key(512,RSA_F4,NULL,NULL);
> > SSL protocol differs in server_key_exchange packet
> > (with may be used not only for export restriction).
> > This requires temporary RSA key in context.
> > If you add to server initialization routine something like:
> > RSA *rsa;
> > rsa=RSA_generate_key(512,RSA_F4,NULL,NULL);
> >if (!
On Fri, Jul 14, 2006, Marek Marcola wrote:
> Hello,
> > > Well ... In that case,
> > > A] how is it that s_server and s_client can
> > > communicate
> > > 1) Using the same ssl library
> > > 2) Using the same certificates
> > > 3) Using the same cipher suits
> >
> > You mean can't , don't u? That
Hello,
> > Well ... In that case,
> > A] how is it that s_server and s_client can
> > communicate
> > 1) Using the same ssl library
> > 2) Using the same certificates
> > 3) Using the same cipher suits
>
> You mean can't , don't u? That is bcoz SSL protocol
> itself is different in the export case
You urself answered it just now! :-)
The client doesn't matter, so you can connect to
s_server...
--- Urjit Gokhale <[EMAIL PROTECTED]>
wrote:
> > Well ... In that case,
> > A] how is it that s_server and s_client can
> > communicate
> > 1) Using the same ssl library
> > 2) Using the same certif
> Well ... In that case,
> A] how is it that s_server and s_client can
> communicate
> 1) Using the same ssl library
> 2) Using the same certificates
> 3) Using the same cipher suits
You mean can't , don't u? That is bcoz SSL protocol
itself is different in the export case. As Steve
mentioned ther
--- Urjit Gokhale <[EMAIL PROTECTED]>
wrote:
> Hi,
> Thanks for the reply.> > Urjit,
> > >
> > > I got it working once I replaced
> > > "EXP-DES-CBC-SHA" with
> > > "DES-CBC-SHA"
> > >
> > > I think you might have to do something special
> to
> > > enable export quality ciphers.
> > >
> >
> > Th
Hi,
Thanks for the reply.> > Urjit,
> >
> > I got it working once I replaced
> > "EXP-DES-CBC-SHA" with
> > "DES-CBC-SHA"
> >
> > I think you might have to do something special to
> > enable export quality ciphers.
> >
>
> They can place restrictions on the size of the RSA key used for kex
exchange
On Fri, Jul 14, 2006, Girish Venkatachalam wrote:
> Urjit,
>
> I got it working once I replaced
> "EXP-DES-CBC-SHA" with
> "DES-CBC-SHA"
>
> I think you might have to do something special to
> enable export quality ciphers.
>
They can place restrictions on the size of the RSA key used for k
Urjit,
I got it working once I replaced
"EXP-DES-CBC-SHA" with
"DES-CBC-SHA"
I think you might have to do something special to
enable export quality ciphers.
regards,
Girish
--- Urjit Gokhale <[EMAIL PROTECTED]>
wrote:
> Hi,
> I have attached the sample server and client
> programs for your
Hi,
I have attached the sample server and client programs for your
consideration. As these are minimal sample codes that reproduce my problem,
error handling is not done.
To run the server, you need to provide the port on the command line
To run the client, you need to provide host and port where s
14 matches
Mail list logo
