Dear Torsten,
concatenating some certificates into a single file would not automagically
make every client and server follow the rules. To enforce it,
one can check something while doing SSL handshake or immediately
after the handshake before sending application data.
Servers could get client
I still don't understand where you're disagreeing with me.
Your attack includes things like hijacking and redirection, which is not
part of an MITM attack. Your postings also seem to come down on both
sides of succesful as to whether or not that is part of MITM.
If the MITM isn't
Hi;
I want to write an authentication system which use symmetric and asymmetric cryptography. I wrote a client server program that client use tcp/ip protocol to connect to server. now i want to create CA with openssl to issue certificate for my servers. i don't know how i must teransfer
Hi,
WIll appreciate any help for the following questions:
1. I am looking at one example program that secures a TCP connection with
SSLv2. (With functiones like SSL_connect, SSL_read, SSL_write etc.)
You can take a look at the specific function
Users,
I need some advice.
I am running Mandrake 9.1 with 98 mb
RAM.
I recently downloaded and installed the RPMs
for
glibc 3.2.2 and openssl 0.9.7a.
My objective is to first make the MySQL database
server
as secure as it can be and installing openssl is my
first step.
In order to do
Hi Jerry,
MySQL is not compiled with OpenSSL support
by default. You will need to recompile the MySQL binaries with OpenSSL support,
using the command supplied. Follow the instructions in http://www.mysql.com/doc/en/Installing_source.html.
Bart
-Original
Message-
From:
Hello,
I have recently put together a MySQL installation procedure which might be
useful for what you are trying to do. My procedure is based upon Redhat
Linux 9, but I suspect that it should work just as well for Mandrake. In
section 3.3, you would need to add your specific configuration
Hi David,
I'm going to exist myself from this discussion at the conclusion of this
mail - it's consumed enough list bandwidth without further eating into my
own limited resources.
Clipping;
On July 25, 2003 11:48 pm, David Schwartz wrote:
[snip]
Not at all. SSL with comparison of the
There is no law that says the MITM must pass any traffic to any particular
party.
Yes there is. The law of definition of MITM
If he can get plaintext out of A without sending anything ever to B,
then he has won and he's still a man in the middle. The key is that he can
intercept and
