On 06/16/2016 10:50 PM, Walter H. wrote:
On 16.06.2016 22:02, Gordon Messmer wrote:
Without using a metaphor, please explain exactly who you think will
not trust these certs, because I have never met these people.
then you know now, that there exist such people ...
Well, one, but I'm hardly
On 06/17/2016 08:19 AM, James B. Byrne wrote:
On Thu, June 16, 2016 14:23, Valeri Galtsev wrote:
Oh, this is what he meant: Cert validity period. Though I agree
with you in general (shorter period public key is exposed smaller
chance secret key brute-force discovered),
Like many things that
On 06/17/2016 07:56 AM, James B. Byrne wrote:
On Thu, June 16, 2016 14:09, Gordon Messmer wrote:
I doubt that most users check the dates on SSL certificates,
unless they are familiar enough with TLS to understand that
a shorter validity period is better for security.
What evidence do you
Hi,
I wanted to see if anyone had any suggestions on what I could do to get
hibernate working.
Just as a reminder, I get:
> cat /sys/power/state:
freeze mem
> cat /sys/power/disk
[disabled]
> The first should include 'disk' and the second should say enabled or
some such.
So, clearly this is
for me I refuse it or in other words, when there is no OCSP response
and I don't get a CRL from the CA
the SSL-host is blocked;
Forget it, Walter. If you feel it's more secure that way I'm not going
to waste my time to convince you otherwise. )
On 17.06.2016 22:39, Александр Кириллов wrote:
yes and no, but faking a valid OCSP response that says good instead of
revoked is also possible ...
Could you please provide any proof for that statement? If it were true
the whole PKI infrastructure should probably be thrown out of the
window.
yes and no, but faking a valid OCSP response that says good instead of
revoked is also possible ...
Could you please provide any proof for that statement? If it were true
the whole PKI infrastructure should probably be thrown out of the
window. )
the primary reason was to prevent problems
On 17.06.2016 19:57, Александр Кириллов wrote:
Then OCSP stapling is the way to go but it could be a real PITA to
setup for the first time and may not be supported by older browsers
anyway.
not really, because the same server tells the client that the SSL
certificate is good, as the SSL
In another recent thread,[1] someone was having trouble with the
yum-plugin-fastestmirror feature, so I suggested he remove it, since it’s just
a plugin and should therefore be optional. He reported that it couldn’t be
removed due to package dependencies.
I investigated further and found that
Then OCSP stapling is the way to go but it could be a real PITA to
setup for the first time and may not be supported by older browsers
anyway.
not really, because the same server tells the client that the SSL
certificate is good, as the SSL certificate itself;
these must be independent;
On Fri, June 17, 2016 11:50 am, James B. Byrne wrote:
>
> On Fri, June 17, 2016 12:31, Valeri Galtsev wrote:
>>
>> On Fri, June 17, 2016 10:19 am, James B. Byrne wrote:
>>
>>> Keys issued to individuals certainly should have short time limits
>>> on them. In the same way that user accounts on
On Jun 17, 2016, at 7:14 AM, Harry Mallon wrote:
> Would CentOS7 consider adding the following patch to libnl3?
CentOS only rebuilds RHEL packages. I suggest going to
https://bugzilla.redhat.com/ and filing a bug against libnl3. If it gets
accepted, it’ll be included
On Fri, June 17, 2016 12:31, Valeri Galtsev wrote:
>
> On Fri, June 17, 2016 10:19 am, James B. Byrne wrote:
>
>> Keys issued to individuals certainly should have short time limits
>> on them. In the same way that user accounts on systems should
>> always have a near term expiry date set.
On Fri, June 17, 2016 10:19 am, James B. Byrne wrote:
>
> On Thu, June 16, 2016 14:23, Valeri Galtsev wrote:
>>
>> On Thu, June 16, 2016 1:09 pm, Gordon Messmer wrote:
>>>
>>> I doubt that most users check the dates on SSL certificates,
>>> unless they are familiar enough with TLS to understand
On Fri, June 17, 2016 9:56 am, Michael H wrote:
> On 17/06/16 15:46, James B. Byrne wrote:
>> On Thu, June 16, 2016 13:53, Walter H. wrote:
>>> On 15.06.2016 16:17, Warren Young wrote:
but it also affects the other public CAs: you canât get a
publicly-trusted cert for a machine
John Hodrien wrote:
> On Fri, 17 Jun 2016, m.r...@5-cent.us wrote:
>
>> Btw, I did just update flash-plugin. Does anyone know what the issue was
>> that caused the video issues in the first release of 45, and whether
>> those issues were resolved? Also, were they occurring in C7? Unless
that's the
On Fri, 17 Jun 2016, m.r...@5-cent.us wrote:
Btw, I did just update flash-plugin. Does anyone know what the issue was
that caused the video issues in the first release of 45, and whether those
issues were resolved? Also, were they occurring in C7? Unless that's the
case, it's not just me, but
On Fri, 17 Jun 2016, m.r...@5-cent.us wrote:
Just did some looking, and I see my (C6) mplayer is current, but ffmpeg
has an available update. So, assuming I can update ffmpeg, and it works
with mplayer (I have to use that - if nothing else, to look at
surveillance videos for our secure rooms).
John Hodrien wrote:
> On Fri, 17 Jun 2016, m.r...@5-cent.us wrote:
>
>> I haven't gone past 38, because when the 45 update came out, and
>> video...like, say, my *required* training from work, when I tried
>> to run it, it crashed firefox. Repeatedly. 100% of the time.
>>
>> Has anyone been using
John Hodrien wrote:
> On Fri, 17 Jun 2016, m.r...@5-cent.us wrote:
>
>> I haven't gone past 38, because when the 45 update came out, and
>> video...like, say, my *required* training from work, when I tried to
>> run it, it crashed firefox. Repeatedly. 100% of the time.
>>
>> Has anyone been using
On Thu, June 16, 2016 14:23, Valeri Galtsev wrote:
>
> On Thu, June 16, 2016 1:09 pm, Gordon Messmer wrote:
>>
>> I doubt that most users check the dates on SSL certificates,
>> unless they are familiar enough with TLS to understand that
>> a shorter validity period is better for security.
>
>
On Fri, 17 Jun 2016, m.r...@5-cent.us wrote:
I haven't gone past 38, because when the 45 update came out, and video...
like, say, my *required* training from work, when I tried to run it, it
crashed firefox. Repeatedly. 100% of the time.
Has anyone been using the current version had trouble
I haven't gone past 38, because when the 45 update came out, and video...
like, say, my *required* training from work, when I tried to run it, it
crashed firefox. Repeatedly. 100% of the time.
Has anyone been using the current version had trouble with video, etc? I'd
like to update, but not if I
On 17.06.2016 16:46, James B. Byrne wrote:
On Thu, June 16, 2016 13:53, Walter H. wrote:
On 15.06.2016 16:17, Warren Young wrote:
but it also affects the other public CAs: you can’t get a
publicly-trusted cert for a machine without a publicly-recognized
and -visible domain name. For that,
On 17/06/16 15:46, James B. Byrne wrote:
>
> On Thu, June 16, 2016 13:53, Walter H. wrote:
>> On 15.06.2016 16:17, Warren Young wrote:
>>> but it also affects the other public CAs: you can’t get a
>>> publicly-trusted cert for a machine without a publicly-recognized
>>> and -visible domain
On Thu, June 16, 2016 13:53, Walter H. wrote:
> On 15.06.2016 16:17, Warren Young wrote:
>> but it also affects the other public CAs: you canât get a
>> publicly-trusted cert for a machine without a publicly-recognized
>> and -visible domain name. For that, you still need to use
>>
On 17.06.2016 16:27, Александр Кириллов wrote:
Walter H. писал 2016-06-16 22:54:
On 16.06.2016 21:42, Александр Кириллов wrote:
I don't think OCSP is critical for free certificates suitable for
small businesses and personal sites.
this is philosophy;
I'd say when you do it then do it
Walter H. писал 2016-06-16 22:54:
On 16.06.2016 21:42, Александр Кириллов wrote:
that is right, but hink of your potential clients, because
wosign has a problem - slow OCSP, ...
because their server infrastucture is located in China, and not the
best bandwidth ...
when validity checks of the
This issue is documented in Red Hat Bugzilla Bug 1346427
https://bugzilla.redhat.com/show_bug.cgi?id=1346427
There is also a case opened with Red Hat Support: CASE 01652429
There are two workarounds:
1. Downgrade to:
brasero.x86_64 2.28.3-6.el6
brasero-libs.x86_64
Nevermind, I had to move my test file under
thepackagename/TheClassName.class and then it runs fine.
However my real program [1] consisting of few jar-files still
does not run on CentOS (while running fine on Windows).
I have to investigate more and will ask a separate question.
Regards
Alex
Send CentOS-announce mailing list submissions to
centos-annou...@centos.org
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.centos.org/mailman/listinfo/centos-announce
or, via email, send a message with subject or body 'help' to
On 06/17/2016 01:42 AM, Frank Cox wrote:
> On Fri, 17 Jun 2016 07:32:19 +0100
> Ned Slider wrote:
>
>>> Johnny's announcement refers to:
>>> firefox-45.2.0-1.el5.centos.src.rpm
>>> firefox-45.2.0-1.el6.centos.src.rpm
>>> firefox-45.2.0-1.el7.centos.src.rpm
>>>
>>> The linked rhel webpage refers
Hello,
Would CentOS7 consider adding the following patch to libnl3?
https://github.com/thom311/libnl/commit/cdf2d4baf376e4a3030a2c1169516358b4fba2e5
g++ fails to build against the headers in the default devel package at the
moment so I am having to package my own. The patch is very small and
Hello fellow Linux users,
on CentOS 7.2 I have successfully downloaded and installed Oracle Java [1]
with:
# rpm -Uvh jdk-8u91-linux-x64.rpm
Also there is already OpenJDK installed:
# rpm -qa | grep -i jdk
java-1.8.0-openjdk-headless-1.8.0.91-0.b14.el7_2.x86_64
On 16.06.2016 21:59, Tony Schreiner wrote:
I note that duke.edu matches uk, and unl.edu matches nl.
Maybe they are regular expressions,
i just tried with
#include_ony=\.nl,\.de
and got less surprising results
I tried this:
include_only=\.at,\.ch,\.de,\.nl,\.uk
and got this:
Determining
On Fri, 17 Jun 2016 07:32:19 +0100
Ned Slider wrote:
> > Johnny's announcement refers to:
> > firefox-45.2.0-1.el5.centos.src.rpm
> > firefox-45.2.0-1.el6.centos.src.rpm
> > firefox-45.2.0-1.el7.centos.src.rpm
> >
> > The linked rhel webpage refers to:
> > firefox-45.2.0-1.el5_11.src.rpm
> >
On 17/06/16 04:18, Frank Cox wrote:
Johnny's announcement refers to:
firefox-45.2.0-1.el5.centos.src.rpm
firefox-45.2.0-1.el6.centos.src.rpm
firefox-45.2.0-1.el7.centos.src.rpm
The linked rhel webpage refers to:
firefox-45.2.0-1.el5_11.src.rpm
firefox-45.2.0-1.el6_8.src.rpm
37 matches
Mail list logo