Re: DH parameter reading in OPENSSL 3

2022-07-14 Thread Mark H. Wood
On Wed, Jul 13, 2022 at 06:45:48PM +0200, Dirk Stöcker wrote:
> The openssl documentation may be logical for someone who knows all the 
> parts and how they work together, but for everybody else it's a large 
> glob of isolated files which you simply can't bring together. You have 
> pages which sometimes describe dozens of functions which seldom have 
> examples and at least for me they don't help.
> 
> My initial TLS implementation took me days (although I do nothing except 
> loading the parameters (key,cert,chain) and setup the stuff). Mostly I 
> only got that done looking at the openssl tools and how they do it. AFTER 
> you know how the code looks like the documentation helps but not to 
> getting to this state. Essentially for me the documentation thus always 
> was only a means to verify that the examples I used actually are correct 
> and not written by somebody who also doesn't understand it.

This sounds like trying to build something given a Reference Manual
but no Programmer's Guide.

The Reference Manual describes each function, data structure, and file
format in full detail.  It's essential for understanding individual
operations but says nothing about orchestrating them to perform
higher-level tasks.  It's just a complete list of fully-described
features.  As you said, this is where you go to understand code that
already exists or that you have already designed and are writing now.

The Programmer's Guide discusses the logical organization of the
package, how typical higher-level tasks might use individual features
of the package in sequence, which features go together, which are
similar but distinct, and generally what are good ways to think about
working with the product.  IOW it describes many common things that
you can accomplish using those features.  This is where you go for
basic understanding of how to organize a new design in terms of the
available features of the package.

A developer who is not already working with the product on a daily
basis will probably start in the Programmer's Guide when creating a
new design, and have both open when coding.  That's my experience,
anyway.  One more familiar with the package will have less need for
the Guide, but it never becomes entirely unnecessary.

These two ways of thinking about a product are complementary, and a
developer shifts between these modes of thought often while working.

I agree that a Migration Guide will, after a brief discussion of the
high-level differences between old and new, consist mostly of "if you
did task T that way before, now you should do it something like this"
for many values of T drawn from the Programmer's Guide.

-- 
Mark H. Wood
Lead Technology Analyst

University Library
Indiana University - Purdue University Indianapolis
755 W. Michigan Street
Indianapolis, IN 46202
317-274-0749
www.ulib.iupui.edu


signature.asc
Description: PGP signature


Re: How to query current settings/policies?

2021-06-22 Thread Mark H. Wood
On Tue, Jun 22, 2021 at 02:53:07PM +0200, Tomas Mraz wrote:
> On Tue, 2021-06-22 at 14:12 +0200, Thomas Deutschmann wrote:
> > Hi,
> > 
> > with OpenSSL 3 defaulting to TLS security level 1, applications trying
> > to make a TLSv1/1.1 connection will fail.
> > 
> > I wonder if there is a proper way to detect current security level.
> > 
> > I.e. how about test suites which need to know if they have to skip a
> > test or not?
> > 
> > For example, I am currently looking at MySQL which has a test to ensure,
> > that you are still able to connect to TLS 1.3 enabled server with
> > TLSv1/1.1:
> > https://github.com/mysql/mysql-server/blob/mysql-8.0.25/mysql-test/suite/auth_sec/t/tls13_tls1.test
> > 
> > The test already knows about the fact that system could have restricted
> > minimum TLS version, see
> > https://github.com/mysql/mysql-server/blob/mysql-8.0.25/mysql-test/include/not_min_protocol_tlsv12.inc
> > 
> > However, this solution isn't stable: It's just parsing some files from
> > hard coded paths (what about OPENSSL_CONF environment variable?) and
> > guesses.
> > 
> > Furthermore it knows nothing about Gentoo Linux for example. But even
> > with Ubuntu, you could have a policy in place which overrides set
> > OPENSSL_TLS_SECURITY_LEVEL=2 from configure.
> > 
> > Is there a way to use openssl CLI to query this information and allow
> > test suites for example to skip tests on a more reliable way? Or what's
> > the recommended way for tests?
> 
> There is already such feature request:
> https://github.com/openssl/openssl/issues/14570
> 
> Unfortunately it was not implemented in time for beta1 so this is now
> Post 3.0 item.
> 
> I would recommend explicitly setting security level 0 via a cipher
> string when executing the test.

I second the motion.  If a test is sensitive to some setting of the
code under test, then the test should set it.

-- 
Mark H. Wood
Lead Technology Analyst

University Library
Indiana University - Purdue University Indianapolis
755 W. Michigan Street
Indianapolis, IN 46202
317-274-0749
www.ulib.iupui.edu
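
What "the test should set it" can look like, as an added example that is not code from this thread or from the MySQL test suite: a Python test helper pins the security level through the cipher string and sets the protocol floor itself, and reports a skip reason only when the linked library cannot speak the protocol at all. The helper names `describe` and `legacy_test_context` are hypothetical; `@SECLEVEL=` is OpenSSL's cipher-string syntax for the level.

```python
import ssl
import warnings

# Was each protocol compiled into the OpenSSL this interpreter is linked against?
_COMPILED_IN = {
    ssl.TLSVersion.TLSv1: ssl.HAS_TLSv1,
    ssl.TLSVersion.TLSv1_1: ssl.HAS_TLSv1_1,
    ssl.TLSVersion.TLSv1_2: ssl.HAS_TLSv1_2,
    ssl.TLSVersion.TLSv1_3: ssl.HAS_TLSv1_3,
}


def describe(ctx):
    """Report the policy a context will actually enforce."""
    return {
        # SSLContext.security_level exists on Python 3.10+; None when unavailable.
        "security_level": getattr(ctx, "security_level", None),
        "minimum_version": ctx.minimum_version,
    }


def legacy_test_context(floor, level=0):
    """Return (ctx, None) with the policy pinned by the test itself, or
    (None, reason) when the test has to be skipped."""
    if not _COMPILED_IN.get(floor, False):
        return None, f"{floor.name} is not compiled into {ssl.OPENSSL_VERSION}"
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    try:
        # The cipher string carries the security level, so the value no longer
        # depends on openssl.cnf, OPENSSL_CONF or the distribution's default.
        ctx.set_ciphers(f"DEFAULT:@SECLEVEL={level}")
        with warnings.catch_warnings():
            # Python warns that TLS 1.0/1.1 are deprecated; this test asks
            # for them on purpose, so the warning is silenced locally.
            warnings.simplefilter("ignore", DeprecationWarning)
            ctx.minimum_version = floor
    except (ssl.SSLError, ValueError) as exc:
        return None, f"library rejected the requested policy: {exc}"
    return ctx, None


if __name__ == "__main__":
    print("library default:", describe(ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)))
    ctx, skip_reason = legacy_test_context(ssl.TLSVersion.TLSv1)
    print("pinned by test :", describe(ctx) if ctx else f"SKIP ({skip_reason})")
```

Only the context built for the legacy test carries level 0; contexts created elsewhere keep whatever the system policy gives them.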




Re: [openssl-users] Appropriate use of SSL_CTX_set_cipher_list()

2018-07-19 Thread Mark H. Wood
On Wed, Jul 18, 2018 at 03:24:31PM -0500, Ryan Beethe wrote:
> For a safe client application, should you explicitly set the cipher list,
> rather than trust the default cipher list that comes from
> the package manager's libssl?

I would say that the answer to that depends on another question:  do
you regularly review the package manager's default cipher list, and
have reason to trust it?

-- 
Mark H. Wood
Lead Technology Analyst

University Library
Indiana University - Purdue University Indianapolis
755 W. Michigan Street
Indianapolis, IN 46202
317-274-0749
www.ulib.iupui.edu


-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
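
One way to make "regularly review the default cipher list" a repeatable check, as an added example that is not from the thread: compare what the default client context offers now with the names recorded at the last review, and flag entries that fail a local policy. The policy thresholds, the function names and the sample entries are assumptions of this example; the dictionary keys are the ones `SSLContext.get_ciphers()` returns.

```python
import ssl

# Review policy (an assumption of this example; adjust to your own).
MIN_STRENGTH_BITS = 128


def findings_for(cipher):
    """Reasons one get_ciphers() entry deserves a second look."""
    reasons = []
    if cipher["strength_bits"] < MIN_STRENGTH_BITS:
        reasons.append(f"only {cipher['strength_bits']}-bit strength")
    if not cipher["aead"]:
        reasons.append("not an AEAD suite")
    if cipher["kea"] == "kx-rsa":
        reasons.append("RSA key transport, no forward secrecy")
    if cipher["auth"] == "auth-null":
        reasons.append("anonymous, peer is not authenticated")
    return reasons


def review(ciphers, baseline):
    """Diff the current list against the names accepted at the last review."""
    current = {c["name"]: c for c in ciphers}
    flagged = {}
    for name in sorted(current):
        reasons = findings_for(current[name])
        if reasons:
            flagged[name] = reasons
    return {
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
        "flagged": flagged,
    }


def library_defaults():
    """The list this interpreter's default client context will offer."""
    return ssl.create_default_context().get_ciphers()


# Constructed sample standing in for a get_ciphers() result after a package update.
SAMPLE_AFTER_UPDATE = [
    {"name": "TLS_AES_256_GCM_SHA384", "protocol": "TLSv1.3", "kea": "kx-any",
     "auth": "auth-any", "aead": True, "strength_bits": 256},
    {"name": "ECDHE-RSA-AES128-GCM-SHA256", "protocol": "TLSv1.2", "kea": "kx-ecdhe",
     "auth": "auth-rsa", "aead": True, "strength_bits": 128},
    {"name": "AES256-SHA", "protocol": "SSLv3", "kea": "kx-rsa",
     "auth": "auth-rsa", "aead": False, "strength_bits": 256},
]
# Constructed baseline: the names signed off at the previous review.
SAMPLE_BASELINE = [
    "TLS_AES_256_GCM_SHA384",
    "ECDHE-RSA-AES128-GCM-SHA256",
    "ECDHE-RSA-CHACHA20-POLY1305",
]

if __name__ == "__main__":
    print(review(SAMPLE_AFTER_UPDATE, SAMPLE_BASELINE))
    print(review(library_defaults(), SAMPLE_BASELINE)["flagged"])
```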


Re: [openssl-users] More on cert serialnumbers

2017-08-18 Thread Mark H. Wood
On Thu, Aug 17, 2017 at 03:29:56PM +, Erwann Abalea via openssl-users wrote:
> The BR are for public CAs, not private CAs; even if some of those 
> requirements are considered « good practice » (the 64 bits out of a CSPRNG is 
> such a req), they cannot be forced on private CAs.
> And unless some or all of the browsers also apply these requirements to 
> private CAs, you’re not forced to follow them all.

How does one mechanically distinguish public vs. private CAs?

-- 
Mark H. Wood
Lead Technology Analyst

University Library
Indiana University - Purdue University Indianapolis
755 W. Michigan Street
Indianapolis, IN 46202
317-274-0749
www.ulib.iupui.edu




Re: [openssl-users] OpenSSL version 1.0.2l published

2017-06-02 Thread Mark H. Wood
On Thu, Jun 01, 2017 at 09:18:26PM -0400, Viktor Dukhovni wrote:
> 
> > On Jun 1, 2017, at 10:54 AM, Wouter Verhelst <wouter.verhe...@fedict.be> 
> > wrote:
> > 
> > It might be useful to make that point at the start of the CHANGES file,
> > then. Currently, it just says "Changes between X.Y.Zx and X.Y.Zy
> > [date]". While that doesn't claim to be complete, the simple word
> > "CHANGES" invokes the idea of a changelog, which should be complete --
> > and this file is not. If it's not meant to be, fine -- but then it
> > doesn't hurt to say so, and it would alleviate some confusion.
> 
> Sure, would "Major changes" be sufficient?  This is essentially
> a RELEASE_NOTES file, not a comprehensive change log, which is
> subsumed by git.

Exactly.  Lots of us have been trained by much experience that a file
named CHANGES contains *all* of the changes, while a file named
RELEASE_NOTES includes selected changes of particular significance.
It's confusing to call a release-notes file CHANGES.

Appending a note that, for a full change log, [DO THIS], would probably
be well received.

-- 
Mark H. Wood
Lead Technology Analyst

University Library
Indiana University - Purdue University Indianapolis
755 W. Michigan Street
Indianapolis, IN 46202
317-274-0749
www.ulib.iupui.edu




Re: [openssl-users] [openssl-dev] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

2015-11-17 Thread Mark H. Wood
With regard to the idea that one can simply make older algorithms
Somebody Else's Problem:  is it *known* that another viable,
well-maintained product sees this as one of its roles?  That would be
more reassuring, I think, than just hoping that some unknown group
will step into the gap.

-- 
Mark H. Wood
Lead Technology Analyst

University Library
Indiana University - Purdue University Indianapolis
755 W. Michigan Street
Indianapolis, IN 46202
317-274-0749
www.ulib.iupui.edu




Re: Linux Foundation Core Infrastructure Initiative fellowships

2014-05-29 Thread Mark H. Wood
\applause all around!

-- 
Mark H. Wood, Lead System Programmer   mw...@iupui.edu
Machines should not be friendly.  Machines should be obedient.




Re: SSL Root CA and Intermediate CA Certs.

2014-04-24 Thread Mark H. Wood
On Thu, Apr 24, 2014 at 12:57:36PM +, Michael Wojcik wrote:
[snip]
> > How and why do you trust any root certs?  Generally they're built-in to your
> > OS or your browser, so you're just blindly trusting that those guys know what
> > they're doing.
> 
> And they don't, and they don't care that they don't. The SSL/TLS
> X.509-with-well-known-CAs PKI is fundamentally broken and frequently
> compromised. But there's little we can do about it, so we pretend it isn't.

Well, there certainly is something we can do about it, but you won't
like it any more than I do:

1.  Empty all of your trust stores.
2.  Add the cert.s of all CAs you already trust (if any) to your
    trust stores.
3.  Investigate each CA you don't yet trust.  As you come to trust
    one, add it to your trust stores.
4.  Pay attention to the CAs you trust, and evict any that seem to
    have declined to a degree that worries you.
5.  Goto 3.

-- 
Mark H. Wood, Lead System Programmer   mw...@iupui.edu
Machines should not be friendly.  Machines should be obedient.




Re: ssh-add refuses to use the key on my USB thumb drive

2013-12-12 Thread Mark H. Wood
Or 'mount -o umask=077' I think.

-- 
Mark H. Wood, Lead System Programmer   mw...@iupui.edu
Machines should not be friendly.  Machines should be obedient.




Re: I can't believe how much this sucks

2012-11-13 Thread Mark H. Wood
On Tue, Nov 13, 2012 at 07:51:24PM +0100, Magosányi, Árpád wrote:
> On 11/13/2012 07:34 PM, Sanford Staab wrote:
> 
> > Do you guys just want to continue to answer questions on this alias
> > and not FIX the docs somewhat over time?  I could go into a litany of
> > how much information is just missing from the docs with INCOMPLETE
> > everywhere.
> 
> You might have overlooked the fact that openssl is an open source
> project. Feel free to contribute the needed documentation or finance the
> creation thereof if your knowledge is lacking to do so.

I've read more variations of this than I can count, and I never know
whether to laugh or cry when I read the assertion that the person with
the most imperfect understanding of the product is the best to tell
everyone how it works.  I've been that person and I know better.

> (Yes, the documentation is lacking, and I (r=1 user of openssl) also find
> this a sad state of affairs. But I find whining about a problem in an
> open source project in this tone disturbing. Rule of thumb: the more you
> contribute you have more right to whine. You and me have right to point
> out a bug, or respectfully ask for a feature.

Well, I've also been in the position of the person who *is* best
qualified to write documentation:  the author of the software.  In
that role, I would hope that people complain (with details) when I've
left something out.  And if I continue to leave it out, I would hope
that someone would show his respect for my skills with a good sharp
poke:  Mark, I know you can do better than this!

Reporting documentation problems is different from reporting software
problems.  In the latter case we send a report because we understand
(to some extent) what is wrong; in the former, often we only
understand that there is something missing but we have no idea what it
may be.  Our contribution is notice of the fact that someone read X
and did not find the knowledge he needed to use the product.  It could
(and should) extend to willingness to work with the writer to ensure
that the coverage and clarity of the writing is substantially
improved.

-- 
Mark H. Wood, Lead System Programmer   mw...@iupui.edu
Asking whether markets are efficient is like asking whether people are smart.




Re: Best practice for client cert name checking

2012-10-08 Thread Mark H. Wood
On Mon, Oct 08, 2012 at 07:42:04AM +, Marco Molteni (mmolteni) wrote:
> try searching for certificate pinning. If you are familiar with ssh, it
> is the same concept of the StrictHostKeyChecking option (although
> obviously SSH and TLS are completely distinct protocols and by default SSH
> doesn't use X.509 certs).
> 
> The idea is: with a standard TLS connection, acting as TLS client, you
> connect to a host for the first time and you receive its certificate. The
> standard TLS verifications are successful (meaning: the certificate really
> belongs to the host and it has been issued by a CA you trust). When the
> connection is closed, a normal TLS client will forget the certificate.
> 
> On the other hand, certificate pinning remembers the certificate. Pinning
> means storing locally such certificate and associate it to the hostname
> you connected to. If the next time you connect the certificate has
> changed, a system supporting certificate pinning will warn you.

I believe this is what the Certificate Patrol plugin for Firefox is
doing, if you want to see it in action.

-- 
Mark H. Wood, Lead System Programmer   mw...@iupui.edu
Asking whether markets are efficient is like asking whether people are smart.
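
The remember-and-compare behaviour described in the quoted explanation, as an added example that is not from the thread and not how Certificate Patrol is implemented: a small pin store keyed by hostname that records the SHA-256 fingerprint of the certificate after normal TLS verification has succeeded, and reports a change instead of silently accepting it. The class and function names and the JSON file layout are assumptions of this example.

```python
import hashlib
import json
import os
import socket
import ssl
from enum import Enum


class PinResult(Enum):
    FIRST_SEEN = "first-seen"  # nothing on record; certificate remembered
    MATCH = "match"            # same certificate as last time
    CHANGED = "changed"        # different certificate; caller should warn


class PinStore:
    """Remembers one SHA-256 certificate fingerprint per hostname in a JSON file."""

    def __init__(self, path):
        self.path = path
        self.pins = {}
        if os.path.exists(path):
            with open(path, encoding="utf-8") as fh:
                self.pins = json.load(fh)

    @staticmethod
    def _key(hostname):
        # Hostnames are case-insensitive and may carry a trailing dot.
        return hostname.lower().rstrip(".")

    @staticmethod
    def fingerprint(der_cert):
        return hashlib.sha256(der_cert).hexdigest()

    def _save(self):
        # Write to a temporary file and rename, so a crash cannot leave a
        # half-written pin file behind.
        tmp = self.path + ".tmp"
        with open(tmp, "w", encoding="utf-8") as fh:
            json.dump(self.pins, fh, indent=2, sort_keys=True)
        os.replace(tmp, self.path)

    def check(self, hostname, der_cert):
        host, seen = self._key(hostname), self.fingerprint(der_cert)
        pinned = self.pins.get(host)
        if pinned is None:
            self.pins[host] = seen
            self._save()
            return PinResult.FIRST_SEEN
        # A changed certificate never overwrites the pin on its own.
        return PinResult.MATCH if pinned == seen else PinResult.CHANGED

    def repin(self, hostname, der_cert):
        """Replace the pin after a person has confirmed the change is legitimate."""
        self.pins[self._key(hostname)] = self.fingerprint(der_cert)
        self._save()


def fetch_verified_cert(host, port=443, timeout=10):
    """Return the peer certificate (DER) only after the standard chain and
    hostname checks have passed; pinning is applied on top of them."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return tls.getpeercert(binary_form=True)


if __name__ == "__main__":
    import tempfile
    store = PinStore(os.path.join(tempfile.mkdtemp(), "pins.json"))
    # Constructed byte strings stand in for DER certificates so this runs offline.
    for cert in (b"constructed-cert-A", b"constructed-cert-A", b"constructed-cert-B"):
        print(store.check("bank.example", cert).value)
```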




Re: Certificate and Certificate request (Using API)

2012-07-30 Thread Mark H. Wood
On Fri, Jul 27, 2012 at 08:05:58AM -0700, Sanford Staab wrote:
> It really looks to me like the openssl documentation needs improvement as
> well as a better tool besides CA.pl to help people use openssl in common
> scenarios.   I suspect there is a strong demand for creative private CA
> support and we should have a friendly script or cookbook for this available
> somewhere.  Fixing this will relieve you guys of answering all these
> inquiries via email.

TinyCA has, so far, sufficed for my modest needs.
http://tinyca.sm-zone.net/

-- 
Mark H. Wood, Lead System Programmer   mw...@iupui.edu
Asking whether markets are efficient is like asking whether people are smart.




Re: My bank has an invalid cert

2011-08-26 Thread Mark H. Wood
On Thu, Aug 25, 2011 at 03:39:59PM -0600, t...@terralogic.net wrote:
> Very good!
> 
> I can write a little code to do that!

The Firefox team already did it for you.  In v3.6:  Tools | Page Info
| Security | View Certificate | Details | Certificate Hierarchy.
Select any member of the chain and see details below.

> Thanx
> 
> 
> On Thu, Aug 25, 2011 at 05:24:14PM -0400, Crypto Sal wrote:
> > You typically import certs through the Firefox certificate manager found
> > via Edit -> Preferences -> Adv. -> Encryption -> View Certificates. It
> > should be self explanatory from here. The only other question that
> > remains is which Root CA. That can only be done by reading the
> > certificate hierarchy that is presented by the bank's server, which it
> > should provide you upon making an s_client connection.

-- 
Mark H. Wood, Lead System Programmer   mw...@iupui.edu
Asking whether markets are efficient is like asking whether people are smart.




Re: My bank has an invalid cert

2011-08-26 Thread Mark H. Wood
On Thu, Aug 25, 2011 at 01:51:01PM -0700, Craig White wrote:
> the answer lies with the people who wrote the software for the certificate
> store since the whole point is trust.
> 
> If users could manipulate the root certificate store, then it would be
> impossible to trust anything.

What?  Of course I can manipulate my browser's root certificate
store.  There's a nice bit of UI provided for exactly that purpose.  I
can install new certificates, remove ones I don't trust, examine all.

Of course I can manipulate my OS' trust store.  It's just files in
/etc.  There's no way to keep me out.

Better to say:  if users canNOT manipulate the root certificate store,
then it would be impossible to trust anything.  The whole point is
*my* trust.  (And yours.)

-- 
Mark H. Wood, Lead System Programmer   mw...@iupui.edu
Asking whether markets are efficient is like asking whether people are smart.




Re: [openssl-users] Re: How to disable index and serial?

2011-01-13 Thread Mark H. Wood
Ah.  I did not understand that referenced by browser vendors meant
we were talking about inclusion in their canned trust stores.  Thanks,
both of you.

-- 
Mark H. Wood, Lead System Programmer   mw...@iupui.edu
Asking whether markets are efficient is like asking whether people are smart.




Re: [openssl-users] Re: How to disable index and serial?

2011-01-12 Thread Mark H. Wood
On Tue, Jan 11, 2011 at 07:23:54PM +0100, Erwann ABALEA wrote:
> In order to be referenced by browser vendors (Opera comes to mind, and
> I think Mozilla will require this), the serial number MUST be random
> (or at least *appear* random from the outside).

Oh, now I'm curious.  How do they test the randomness of a single
sample?  1 is every bit as random (or nonrandom) as
0xdcb4a459f014617692d112f0942c89cb.

-- 
Mark H. Wood, Lead System Programmer   mw...@iupui.edu
Asking whether markets are efficient is like asking whether people are smart.




Re: How to disable index and serial?

2011-01-12 Thread Mark H. Wood
On Tue, Jan 11, 2011 at 05:39:19PM +0100, Fredrik Strömberg wrote:
> Hello Patrick,
> 
> Thank you for your email. I somehow managed to miss the word
> mandatory in the manual. I guess there's nothing else for me to do
> than code a file lock. I need to run multiple openssl instances, and
> openssl doesn't lock the serial and index files. That's why I figured
> I'd avoid the problem by not using the serial or index file at all,
> and maybe supply a unique serial from the command line.

That sounds like a problem with OpenSSL that should be fixed.  Perhaps
you could develop and share a patch that provides locking?

-- 
Mark H. Wood, Lead System Programmer   mw...@iupui.edu
Asking whether markets are efficient is like asking whether people are smart.
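
The file lock the quoted message talks about coding, as an added example that is not from the thread and not a patch to OpenSSL: every CA operation takes one exclusive `flock` on a lock file in the CA directory, so concurrent runs cannot interleave their read-modify-write of `serial`. The lock file name `.ca.lock`, the function names and `bump_serial` (a stand-in for what a signing run does to the serial file) are assumptions of this example; it needs a POSIX system.

```python
import fcntl
import os
import subprocess
from concurrent.futures import ThreadPoolExecutor
from contextlib import contextmanager


@contextmanager
def ca_lock(ca_dir):
    """Hold an exclusive advisory lock for the whole CA directory."""
    fd = os.open(os.path.join(ca_dir, ".ca.lock"), os.O_RDWR | os.O_CREAT, 0o600)
    try:
        fcntl.flock(fd, fcntl.LOCK_EX)  # blocks until every other holder releases
        yield
    finally:
        fcntl.flock(fd, fcntl.LOCK_UN)
        os.close(fd)


def run_locked(ca_dir, argv):
    """Run one CA command (for instance an `openssl ca ...` argv) under the lock."""
    with ca_lock(ca_dir):
        return subprocess.run(argv, check=True)


def bump_serial(ca_dir):
    """Stand-in for a signing run: read the hex serial, hand it out, and write
    back the next value. Without a lock two callers can read the same number."""
    path = os.path.join(ca_dir, "serial")
    with open(path, encoding="ascii") as fh:
        current = int(fh.read().strip(), 16)
    digits = f"{current + 1:X}"
    if len(digits) % 2:
        digits = "0" + digits  # keep an even number of hex digits
    with open(path, "w", encoding="ascii") as fh:
        fh.write(digits + "\n")
    return current


def issue_concurrently(ca_dir, workers, per_worker):
    """Have several workers allocate serials at once, each allocation locked."""
    def worker(_):
        issued = []
        for _ in range(per_worker):
            with ca_lock(ca_dir):
                issued.append(bump_serial(ca_dir))
        return issued

    with ThreadPoolExecutor(max_workers=workers) as pool:
        return [s for chunk in pool.map(worker, range(workers)) for s in chunk]


if __name__ == "__main__":
    import tempfile
    ca_dir = tempfile.mkdtemp()
    with open(os.path.join(ca_dir, "serial"), "w", encoding="ascii") as fh:
        fh.write("0FFE\n")  # constructed starting serial
    serials = issue_concurrently(ca_dir, workers=8, per_worker=25)
    print(len(serials), "issued,", len(set(serials)), "distinct")
```

The lock is advisory: it only helps if every program that touches the serial and index files goes through the same wrapper.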




Re: Error signing certificates with my own CA... Configuration file?

2010-09-28 Thread Mark H. Wood
I don't want to discourage you from learning the details yourself, but
you may want to look at some wrapper software that is already worked
out and takes care of these things for you.  For example, I usually
find TinyCA adequate to my minuscule certificate-processing needs.

Even if you decide not to use such a tool, you may learn some useful
things by studying the code.

-- 
Mark H. Wood, Lead System Programmer   mw...@iupui.edu
Balance your desire for bells and whistles with the reality that only a 
little more than 2 percent of world population has broadband.
-- Ledford and Tyler, _Google Analytics 2.0_




Re: How to make a legit CA cert?

2010-06-01 Thread Mark H. Wood
This should be more widely understood:  an application considers a CA
trusted because some human told it so.  There is no other way.

The recognized CAs are trusted by e.g. your browser because the
maker of the browser decided to trust them and so put them into the
list of trusted CAs that is packed in the browser.  Others have
written about the kinds of things those CAs needed to do in order to
gain that trust.  If you decide that you don't trust one of them, you
can take it out and it becomes untrusted *for you*.

If you decide to trust a CA that hasn't made the browser makers'
goodie lists, you can just install it in your browser's list of
trusted CAs and it becomes trusted *for you*.  Anyone else can do that
too, with a similar result for himself.

If any given cert. is calculated to be trusted, that means that, at
the top of the chain, it can be linked back to a cert. that someone
marked manually as trusted.  Trust is not calculable without that.

Really, the only thing protecting most people from rogue CAs is the
browser makers' understanding that they, too, are in a position of
trust, and could be hurt badly by lax acceptance practices no matter
how many disclaimers they slather onto the EULA.  We should all check
and tune our browsers' trust lists.  (No, I haven't.)

-- 
Mark H. Wood, Lead System Programmer   mw...@iupui.edu
Balance your desire for bells and whistles with the reality that only a 
little more than 2 percent of world population has broadband.
-- Ledford and Tyler, _Google Analytics 2.0_




Re: CPU usage and FPGA support

2010-03-11 Thread Mark H. Wood
Notice a few things:

o  The OP asked about reducing CPU load, but the answers all talk
   about making encryption faster.  These are not the same thing.
   Offloading encryption might *reduce* throughput of the encrypted
   streams, and yet free up CPU time to do other things.  Encrypted
   communication might not be the highest priority task in the
   system, and there might not be much of it to do per unit time.

o  This is a student project.  The objective is to learn something
   specific about the design of digital systems, not (necessarily) to
   maximize throughput.  The requirements don't have to make practical
   sense, so long as they make educational sense.

   Anyway, when did anyone pass a law that says requirements have to
   be sensible? :-)

-- 
Mark H. Wood, Lead System Programmer   mw...@iupui.edu
Friends don't let friends publish revisable-form documents.




Re: General question about documentation

2009-12-02 Thread Mark H. Wood
On Tue, Dec 01, 2009 at 03:23:15PM -0800, Rene Hollan wrote:
> The problem is that the documentation may not be correct, sending your coders
> on a wild goose chase.

Bah, if the code does not do what the documentation describes then the
*code* is incorrect.  Documentation can only be incorrect if it does
not model the problem that the code is intended to solve.

-- 
Mark H. Wood, Lead System Programmer   mw...@iupui.edu
Friends don't let friends publish revisable-form documents.




Re: General question about documentation

2009-12-02 Thread Mark H. Wood
On Tue, Dec 01, 2009 at 02:08:08PM -0800, Randy Turner wrote:
> As an investor, I would rather have my coders use a product with
> documentation to make progress on the actual goals of the product,
> rather than reverse-engineer the information they're trying to look
> for.
> 
> With the former method, my cost is (n), with the latter method, my
> cost could be unbounded, depending upon how complex the source code
> is (i.e., explicit code, or 14 levels of indirection and C macros
> that have to be understood).
> 
> It sounds like you're making the case for documentation to me, and
> I agree.

Hear, hear!  I've done such reverse-engineering.  I once disassembled
the compiled code (all there was on the Unsupported tape) for the
TOPS-20 Programmable Command Language; edited it (through many
iterations) into clean, idiomatic, well-commented MACRO-10; studied
how it hooked into the EXEC; and from the comments wrote a user's
manual, so I could figure out what the heck it did.  I'm quite proud
of my work.  I never, EVER want to do anything like that again.  It
was lengthy and exhausting and ultimately unsatisfactory.

Along the way I learned all the way down to my toes how little
information is conveyed by code about what the designer was thinking
or how he expected his design to be used.  That's why, in a commercial
OS, right next to each Reference Manual there is a Programmer's Guide
or a User's Guide.

I wish I *could* write some of the Programmer's Guides I have wanted
over the years but, obviously, the person who needs one is the person
least able to write one.  My PCL manual, proud as I am of it, was a
botch, much too short and incomplete.  I simply wasn't able to glean
enough information from the source to write properly.  The designer
knows things the rest of us do not, and it is precisely that knowledge
which gives documentation much of its value.

-- 
Mark H. Wood, Lead System Programmer   mw...@iupui.edu
Friends don't let friends publish revisable-form documents.




Re: Geode on-chip AES 128-bit crypto accelerations but OpenSSL doesn't use it

2009-09-29 Thread Mark H. Wood
On Mon, Sep 28, 2009 at 01:54:57PM -0700, Kyle Hamilton wrote:
> OpenSSL uses the operating system to get entropy.  If AMD wants Linux
> to support its on-chip random number generator, it needs to write a
> driver that replaces /dev/random and /dev/urandom.

...or feeds into them.

Sufficient but not necessary.  If AMD have released spec.s in a
manner compatible with the kernel license and development model then
someone else could write that driver.  Some would say that is the
preferred method.
 
> In addition, Intel has been playing nice and getting its code in the
> openssl distribution, as a set of patches that were integrated not too
> long ago.  Nobody has submitted such a patch for the Geode to my
> knowledge (I'm not god of the request tracker, but most mails sent to
> r...@openssl.org are forwarded to the -dev list; I've not seen any
> patches come in).  (i.e.: Intel is doing strategic positioning that
> AMD is not.)

That's smart of Intel.  But again, if AMD have released spec.s under
liberal terms then maybe they think they *are* positioning their
product, and nobody has picked up on it yet.

-- 
Mark H. Wood, Lead System Programmer   mw...@iupui.edu
Friends don't let friends publish revisable-form documents.




Re: OpenSSL 1.0.0 beta 1 released

2009-04-03 Thread Mark H. Wood
That's a Layer 1/2 issue.  Perhaps you mean RFC 3514?

-- 
Mark H. Wood, Lead System Programmer   mw...@iupui.edu
Friends don't let friends publish revisable-form documents.




Re: Need help with keytool

2009-02-25 Thread Mark H. Wood
On Tue, Feb 24, 2009 at 03:11:29PM -0800, John Oliver wrote:
> On Tue, Feb 24, 2009 at 03:48:21PM -0500, Mark H. Wood wrote:
> > I don't think Sun keytool will do this step.  You can export
> > certificates but not private keys -- at least, I've never found a way
> > to move private keys in or out using keytool.  And there doesn't seem
> > to be an option to transform one type of store into another.
> 
> Well... this might be another case of my simply not knowing the correct
> terminology, but if this goofy Java tool will happily save as, or
> create, or export to, or whatever it's actually doing, to a .jks... it
> doesn't seem to me that that would be something that should be
> impossible for the real tool.

I looked again.  I was wrong: Sun did provide a way to import one
store into another.  (Terminology bit me too.  import?)  I think you
could use this to transform the PKCS12 store into a JKS store:

  keytool -importkeystore \
  -srckeystore certificate.p12 \
  -srcstoretype pkcs12 \
  -destkeystore subscriber.jks \
  -deststoretype jks
  [it asks for the destination keystore password.  Enter password.]

I cobbled up a certificate and key using OpenSSL, and this seems to work.

> > The part we haven't been told is why you have to start with a PKCS#12
> > bag if you have to end up with a JKS bag.  Any procedure that
> > requires generating a private key outside of Sun keytool is not going
> > to work if it has to produce a JKS bag using keytool.  The
> > java.security.Keystore class appears to be able to store
> > externally-provided keys, but keytool doesn't let you at that method.
> 
> No idea.  It's very likely that the answer is, Because that's the way
> Joe did it when he figured out how to create the keystore, and it
> worked, and nobody has cared to revisit the process since.
> 
> > If you could use -genseckey to let keytool generate the key, you could
> > start with a .jks and there'd be no problem.
> 
> I'm actually starting with a private key and a certificate for the
> server, both in PEM format.  The PKCS12 is created like:
> 
> openssl pkcs12 -export -chain -in cert.pem -CApath . -CAfile 14.pem
> -inkey key.pem -out certificate.p12
> 
> 14.pem contains the PEM certificates for the CA that signed the cert
> for the host and the PEM for the Root CA that signed the intermediate
> CA.

Aha!  The reason for this dance is that it is a way to sneak an
externally-generated private key into keytool, by going behind its
back.  You can manipulate a PKCS12 bag using OpenSSL, but not a JKS.

-- 
Mark H. Wood, Lead System Programmer   mw...@iupui.edu
Friends don't let friends publish revisable-form documents.




Re: Need help with keytool

2009-02-25 Thread Mark H. Wood
On Tue, Feb 24, 2009 at 03:17:52PM -0800, John Oliver wrote:
> On Tue, Feb 24, 2009 at 03:48:21PM -0500, Mark H. Wood wrote:
> > On Tue, Feb 24, 2009 at 08:02:30AM -0800, John Oliver wrote:
> > 
> > > 10. Right click on the displayed keypair and Rename it to 'key'
> > 
> >  -changealias -alias OLDNAME -destalias key
> 
> Question:
> 
> When I did this with the GUI tool, the OLDNAME was something like a
> spastic orangutang had been given some crystal meth and then a few
> seconds on the keyboard.  It didn't appear to have any relation to
> anything.  Is there any way to read that value in, or say Whatever it
> was called before, I don't care, call it 'key' now?

keytool -list -storetype pkcs12 -keystore certificate.p12

-- 
Mark H. Wood, Lead System Programmer   mw...@iupui.edu
Friends don't let friends publish revisable-form documents.




Re: Need help with keytool

2009-02-24 Thread Mark H. Wood
On Tue, Feb 24, 2009 at 08:02:30AM -0800, John Oliver wrote:
> I need to turn PKI certs into JKSes.  I have some instructions from one

JKS is Java KeyStore or some such.  It's a database of certificates
and private keys.  You can't turn a certificate into a .jks but you
can store certificates into one.

None of this stuff is to do with OpenSSL, so this list may not be the
best place for answers.  And I'm not anything like an expert on
keytool or JCA, but I will try to explain a bit.

> of the developers, but it refers to a KeyTool UI which, it turns out,
> is not part of the base OS install, but, Oh, just go out and search the
> Internet for one...  No thanks.  Besides, I'd like to script this

So helpful, they are.

> stuff.  The man page for keytool doesn't help me much, as I know,
> basically, nothing about this stuff.  The terminology is meaningless to
> me :-(  ( Speaking of which, if anyone can direct me to some kind of
> tutorial or online lesson about the basics of PKI, SSL, etc. that would
> be awesome! )
> 
> So... I'd like to request some assistance in turning the following
> instructions into CLI 'keytool' commands.

Spoiler:  I don't think there is a way using the tool you've chosen,
but read on for my best guesses.

> After creating a PKCS12 file...
>
> 9. Use KeyTool UI (Java tool), go to File->Open Keystore and open
> certificate.p12

 -storetype pkcs12 -keystore certificate.p12

are needed to specify the keystore file and its (non-default) type.
You will need these for all steps that operate on this file.

> 10. Right click on the displayed keypair and Rename it to 'key'

 -changealias -alias OLDNAME -destalias key

Names are aliases in keytool.  I don't believe that PKI
terminology includes the concept of naming a keypair.

> 11. Import the COC CA-13 certificate into the new keystore using
> Tools->Import Trusted Certificate

 -importcert -file THE_CERTIFICATE_FILE

I think you will be required to specify -alias SOME_NAME, and you may
want to add -trustcacerts.

> 12. Go to File->Save Keystore As and use 'password'

Meaningless for keytool, which loads and saves the same -keystore file.

> 13. Save the file as subscriber.jks

I don't think Sun keytool will do this step.  You can export
certificates but not private keys -- at least, I've never found a way
to move private keys in or out using keytool.  And there doesn't seem
to be an option to transform one type of store into another.

The part we haven't been told is why you have to start with a PKCS#12
bag if you have to end up with a JKS bag.  Any procedure that
requires generating a private key outside of Sun keytool is not going
to work if it has to produce a JKS bag using keytool.  The
java.security.Keystore class appears to be able to store
externally-provided keys, but keytool doesn't let you at that method.

If you could use -genseckey to let keytool generate the key, you could
start with a .jks and there'd be no problem.

> I am told that renaming the keypair is important, as our application
> cares.  Same with using the password 'password'.

:-O  Do they leave a key under the doormat, too?

-- 
Mark H. Wood, Lead System Programmer   mw...@iupui.edu
Friends don't let friends publish revisable-form documents.




Re: Year 2038 problem

2008-10-06 Thread Mark H. Wood
On Mon, Oct 06, 2008 at 10:19:08AM -0500, Michael S. Zick wrote:
> On Mon October 6 2008, Thomas J. Hruska wrote:
> > Philipp Gühring wrote:
> > > Hi,
> > >
> > > The biggest Problem with the Y2038 problem I see is that most people
> > > believe that it will go away due to the migration to 64 Bit machines.
> > > But this isn't going to happen. We have to start fixing 2038 now, also
> > > for all our 32 Bit platforms, 16 Bit platforms and 8 Bit platforms.
> > >
> > > Best regards,
> > > Philipp Gühring

Well, that and the problem that it is so hard to get anyone to think
about time formats w.r.t. any time other than right now.  Already
the idea 31 years from now is inexpressible.

> > Oh...you mean like these problems (disclaimer:  Found on the Internet
> > and taken out of context):
>
>
> Having spent a few years in testing development fuze and guidance systems...
> Don't worry about that one.
>
> If you are seriously concerned, move at least 150 miles away
> from any of the A-List cities. ;)
>
> (50 mile error allowance, 50 mile 100% kill zone, plus room to hide.)
>
> A more likely possibility -
> All of the crypto-locks on the physical facilities will not work,
> nor any of the access cards - nobody will be able to get in.
> Meaning the world will be effectively, totally disarmed.

So long as *none* of the parties fix their clocks first.  We must not
have a clock-width gap! :-)

-- 
Mark H. Wood, Lead System Programmer   [EMAIL PROTECTED]
Typically when a software vendor says that a product is intuitive he
means the exact opposite.





Re: extended validation certificates

2008-08-25 Thread Mark H. Wood
Well, it sounds like there *is* another, more legally correct way:
set up your own CA (easy!) and do what it takes to get it certified by
the CA/Browser Forum (should be difficult).  Then you'd legally have the
privilege of coining the cert.s that you want.

I seriously doubt that issuance of self-signed cert.s would pass the
audit, but your CA doesn't have to work that way.

The question then is whether the ability to issue EV cert.s yourself
is worth the effort and expense of doing it properly.

-- 
Mark H. Wood, Lead System Programmer   [EMAIL PROTECTED]
Typically when a software vendor says that a product is intuitive he
means the exact opposite.





Re: Code goes into a loop

2008-06-13 Thread Mark H. Wood
On Fri, Jun 13, 2008 at 01:07:50AM -0700, Brian Lavender wrote:
> On Tue, Jun 10, 2008 at 10:20:56PM -0700, David Schwartz wrote:
> >
> > > This code just goes into a loop and keeps writing the first piece
> > > of info it reads. What am I doing wrong here?
> >
> > > while (nread = BIO_gets(out, buf, sizeof(buf) ) )
> > > {
> > >   err = BIO_write(out,buf,nread );
> > > }
> >
> > That's precisely what it's coded to do. Get a byte, then write that byte
> > out, then get that byte then write it out. (Perhaps you meant to 'gets' from
> > a different 'BIO' than you 'write' to?)
>
> It's supposed to be a simple echo server. gets reads data until it
> reaches a carriage return, correct?

Not Echo but Ouroboros. :-)  You read a buffer of stuff from out, then
write that buffer to out, which now has a new copy of the same stuff
to read again.  The serpent has seized its own tail.

To echo, you need to take in data from somewhere else so that it winds
up in the BIO, then take from out and write it to somewhere else.
Perhaps you want to read from a different BIO in and copy to your
BIO out.  Like so:

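#include <stdio.h>

#include <openssl/bio.h>

int main (int argc, char *argv[])
{
  BIO *in, *out;
  char buf[1024];
  int nread;
  int err = 1;

  /* Separate BIOs for input and output; BIO_NOCLOSE leaves stdin/stdout open. */
  in = BIO_new_fp(stdin, BIO_NOCLOSE);
  out = BIO_new_fp(stdout, BIO_NOCLOSE);
  if (in == NULL || out == NULL)
    return 1;

  /* Read a line from 'in' and write it to 'out' until EOF or an error. */
  while ((nread = BIO_gets(in, buf, sizeof(buf))) > 0 && err > 0)
  {
    err = BIO_write(out, buf, nread);
  }

  BIO_free(in);
  BIO_free(out);
  return 0;
}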

A network echo service would use sockets instead of stdin, stdout
(unless it's meant to be run by something like inetd).

-- 
Mark H. Wood, Lead System Programmer   [EMAIL PROTECTED]
Typically when a software vendor says that a product is intuitive he
means the exact opposite.





Generating a renewal CSR from existing CSR?

2008-03-25 Thread Mark H. Wood
Am I reading the 0.9.8 documentation correctly, that there is no way
to get 'openssl req' to read in a CSR, generate a new keypair, and
write out a new CSR and private key?  Because that would be mighty
handy for ordering renewals while not allowing the private key to go
stale.  Like:

  openssl req \
    -in 2007.csr \
    -newkey rsa:2048 \
    -out 2008.csr \
    -keyout 2008.key

Yeah, I could generate a completely new CSR with the constant data
filled in using a custom config, IF I had built the original CSR that
way, but I didn't. :-(  Maybe I will go ahead and make one for next
year.

-- 
Mark H. Wood, Lead System Programmer   [EMAIL PROTECTED]
Typically when a software vendor says that a product is intuitive he
means the exact opposite.





Re: Changing the expiry date of a cert

2007-10-19 Thread Mark H. Wood
On Wed, Oct 17, 2007 at 08:34:56PM -0700, Jim Fox wrote:

> This was a certificate authority certificate.  As such, the renewal has to have
> the same key and DN as the original in order to continue being a CA
> for previously signed certificates.

Further, it won't be a trust root until it's distributed and the
recipients are satisfied that it is legitimate.  And I think that's
the real question:

  When my CA's certificate expires, can I update it without having to
  deliver copies securely to everyone who is supposed to trust my CA?

The answer to *that* question had better be NO.  It truly doesn't
matter whether you made a new certificate or updated the old one,
because in either case you must distribute it again in a trustworthy
manner or nobody will trust it.

-- 
Mark H. Wood, Lead System Programmer   [EMAIL PROTECTED]
Typically when a software vendor says that a product is intuitive he
means the exact opposite.





Re: LDAP instead of /etc/ssl/certs ?

2007-07-20 Thread Mark H. Wood
On Fri, Jul 20, 2007 at 12:04:18PM -0400, Patrick Patterson wrote:
> Hi Hadmut;
>
> On Friday 20 July 2007 11:05:37 you wrote:
> > On Fri, Jul 20, 2007 at 04:32:08PM +0200, Bernhard Froehlich wrote:
> > > Of course it would be possible (though probably a good bit of coding
> > > work) to use a LDAP library like OpenLDAP to fetch the certificates and
> > > then use them with OpenSSL library functions.
> >
> > > Hope it helps.
> >
> > Not really, this was just the obvious facts. Doing it yourself is what
> > always works.
> >
> > But since storage of certificates in an LDAP tree is state of the art and
> > more natural than /etc/ssl/certs (keep in mind that originally these X.509
> > certificates were intended to protect and to be stored in a X.500
> > directory, which of LDAP is a subset), I wonder why this had never been
> > implemented.

Possibly because everyone is waiting for you to contribute the code. :-/

> Well, I believe that it was done this way because the OpenSSL /etc/ssl/certs
> is just the Unix way of implementing the concept of the Trust Anchor store.
> The thing is that since those certificates are trust anchors, then it would
> be highly insecure to not have these certificates locally, and if the user

Define locally.  In my LDAP server behind my firewall is one arguably
reasonable definition of locally.

> was to have them locally in a local LDAP Server, then they would need to have
> an LDAP server that was configured for a very large namespace (it would have
> to, in essence, mirror Verisign's, Global Trusts, and all of the other
> Certificate authorities LDAP namespace).

Okay, why?

> Consequently, it is probably highly
> undesirable to store these trust anchors as something other than a series of
> CA certificates

Tell Novell and Microsoft, who've been storing certificates in their
directory products since late last century.

> (think what would happen if you were to look up these
> certificates somewhere other than locally, and someone were to spoof the DNS
> entry... since you are looking up these certificates to make a trust
> decision, it would be possible for an attacker to spoof both the CA and the
> end entity certificates, and that would be a VERY BAD THING :)

Well, that's what DNSSEC is for.  Not to mention mutual authentication
between the directory and client.

I don't see why this CANNOT be secured.  I agree that it takes careful
attention to detail if it is to be secured.

-- 
Mark H. Wood, Lead System Programmer   [EMAIL PROTECTED]
Typically when a software vendor says that a product is intuitive he
means the exact opposite.





Re: renewing certificate

2007-04-17 Thread Mark H. Wood
I went to www.microsoft.com and searched for IIS install
certificate.  The first hit led me to:

  http://msdn2.microsoft.com/en-us/library/ms751408.aspx

with step-by-step instructions.  (Ignore the leading part about
'makecert', of course -- you already have a certificate.)

-- 
Mark H. Wood, Lead System Programmer   [EMAIL PROTECTED]
Typically when a software vendor says that a product is intuitive he
means the exact opposite.





Verifying that a private key and certificate match

2007-02-19 Thread Mark H. Wood
Is there a built-in command in the openssl utility which can verify
that a private key and a certificate represent a valid keypair?  Or is
there some simple way to determine this using other built-in commands?

-- 
Mark H. Wood, Lead System Programmer   [EMAIL PROTECTED]
Typically when a software vendor says that a product is intuitive he
means the exact opposite.





Re: HTTPS security model

2006-12-05 Thread Mark H. Wood
The difficulty for the end user here is that the little lock icon is
overloaded: it is taken to mean both session is secured against
spying AND session is with a trusted partner.  One could argue that
this confounds authentication (verifying the cert.) and authorization
(asserting trust of the target site).  One could also argue that end
users should know better than to read it that way, but the UI is just
too simple to do the job required and the protocol hasn't been
supplying all the information that the user really wants.

The CA and browser folk (http://www.cabforum.org/forum.html) have been
working on that and are about to roll out a fix, which they're calling
Extended Validation.  It looks like, for more money you get a
certificate which certifies more about you such as your business'
real-world name, and compliant browsers will display the additional
information when you connect.  This begins to pry off one of the two
meanings of the lock.  It is at least an interesting attempt.

Maybe after a while we'll get browsers which allow us to craft
explicit trust lists, so that we can have a little smiley-face or
something next to the lock which indicates you have explicitly told
me to trust this object.

-- 
Mark H. Wood, Lead System Programmer   [EMAIL PROTECTED]
Typically when a software vendor says that a product is intuitive he
means the exact opposite.





0.9.8d configure overrides -march=; any workaround?

2006-09-28 Thread Mark H. Wood
In building the new release I noticed lots of these:

  gcc -I. -I.. -I../include -fPIC -DOPENSSL_PIC -DZLIB_SHARED -DZLIB
  -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H
  -march=pentium4 -mcpu=pentium -DL_ENDIAN -DTERMIO -O3
  -fomit-frame-pointer -Wall -DOPENSSL_BN_ASM_PART_WORDS
  -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM   -c
  -o mem_clr.o mem_clr.c
  `-mcpu=' is deprecated. Use `-mtune=' or '-march=' instead.

Note that I did in fact specify -march=pentium4, but config has its
own ideas about what kind of CPU I have and appended -mcpu=pentium.

The code in config is really too simple.  Unless developers want to
enter the Red Queen's Race and maintain an ever-expanding and probably
fragile block of code to winkle out the precise CPU specification for
dozens of models, several brands, and various versions of GCC it is
probably better to just punt this decision to the builder.

-- 
Mark H. Wood, Lead System Programmer   [EMAIL PROTECTED]
Typically when a software vendor says that a product is intuitive he
means the exact opposite.





Re: how do i escape spaces in -subj (DN) arg to req?

2006-08-18 Thread Mark H. Wood


I don't see an 'ssl' command on my system -- is this a shell script or an 
alias?  If you have a script 'ssl' calling 'openssl' then you're going to 
have to deal with layers of quoting.


For example, if 'ssl' is a script, then upon entering the command 'ssl
req -subj "/C=US/ST=NY/L=New York"' it should receive arguments:


0:  ssl
1:  req
2:  -subj
3:  /C=US/ST=NY/L=New York

which is fine so far.  But if for example 'ssl' contains something like:

  openssl $@

then the command will be expanded to:

  openssl req -subj /C=US/ST=NY/L=New York

and 'openssl' will receive arguments:

0:  openssl
1:  req
2:  -subj
3:  /C=US/ST=NY/L=New
4:  York

which doesn't appear to be what you wanted.  This much can be patched up
by replacing '$@' with '"$1" "$2" "$3" "$4" "$5" "$6" "$7" "$8" "$9"'
(resupplying any quoting that may have been stripped).  Further nested
layers of interpretation by the shell would have to be treated similarly.


Escaping double-quoted string contents with backslash won't make a 
difference, because the escape will be consumed in the initial argument 
processing before 'ssl' gets control.  Single quotes can preserve it 
through one round of expansion but not more.


If 'ssl' is not a script or an alias, then we (or at least I) don't know 
what it is and cannot advise without more information about it.


I just tried the command:

  openssl req -subj "/C=US/ST=NY/L=New York" -new > ny.req

on OpenSSL 0.9.8 under the shell Bash 3.00.0(1)-release and it works just 
fine:


  mhw:~$ openssl req -text -noout < ny.req
  Certificate Request:
  Data:
  Version: 0 (0x0)
  Subject: C=US, ST=NY, L=New York

etc.

-- 
Mark H. Wood, Lead System Programmer   [EMAIL PROTECTED]

Typically when a software vendor says that a product is intuitive he
means the exact opposite.

__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   [EMAIL PROTECTED]
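
The argument splitting described in the message above, as an added shell example that is not part of the original post. `count_args` stands in for `openssl`; `ssl_unquoted`, `ssl_quoted`, `ssl_nested` and `quote_for_shell` are hypothetical wrappers written for this illustration, and the counts exclude argument 0.

```shell
#!/bin/sh
# Added illustration: how a wrapper's treatment of $@ changes the argument
# vector seen by the wrapped command. All names here are hypothetical.

# Stand-in for 'openssl': print the argument count, then each argument in
# brackets so that word boundaries are visible.
count_args() {
    printf '%s' "$#"
    for a in "$@"; do
        printf ' [%s]' "$a"
    done
    printf '\n'
}

# Wrapper as described in the message: unquoted $@ is word-split again,
# so the single argument "/C=US/ST=NY/L=New York" arrives as two.
ssl_unquoted() {
    count_args $@
}

# Corrected wrapper: "$@" expands to each original argument as one word.
ssl_quoted() {
    count_args "$@"
}

# Quote one argument for one further round of shell parsing: wrap it in
# single quotes and rewrite every embedded ' as '\''.
quote_for_shell() {
    printf "'%s'" "$(printf '%s' "$1" | sed "s/'/'\\\\''/g")"
}

# Wrapper whose command line is parsed a second time (eval here; sh -c or
# ssh behave the same way): every argument is re-quoted for that round.
ssl_nested() {
    cmd="count_args"
    for a in "$@"; do
        cmd="$cmd $(quote_for_shell "$a")"
    done
    eval "$cmd"
}

# Demonstration with the subject from the message.
ssl_unquoted req -subj '/C=US/ST=NY/L=New York'
ssl_quoted   req -subj '/C=US/ST=NY/L=New York'
ssl_nested   req -subj "/O=Bob's Co/L=New York"
```

Each extra layer that re-parses the command line needs its own round of `quote_for_shell`.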


Re: CSR Without Prompting

2006-06-10 Thread Mark H. Wood

On Fri, 9 Jun 2006 [EMAIL PROTECTED] wrote:
> I need to generate a CSR without prompting the user (I am getting the
> info from an HTML form).

Likely you are already in a Perl script?  What about copying a template
config to a scratch file, making appropriate substitutions from the form
data?  Or if your form processor isn't a convenient place to do this, you
could fork a command that pipes the template through e.g. sed.

-- 
Mark H. Wood, Lead System Programmer   [EMAIL PROTECTED]
Typically when a software vendor says that a product is intuitive he
means the exact opposite.
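
One way to do the template substitution suggested above, as an added example that is not code from the original message or from OpenSSL: the form fields are checked against an allow-list before `sed` sees them, so form input cannot add config lines or sed metacharacters. The template, the `@C@`-style markers, the function names and the sample values are assumptions made for this illustration.

```shell
#!/bin/sh
# Added illustration: fill an 'openssl req' config template from form fields
# so that no interactive prompting is needed. All names are hypothetical.

# Constructed template; @C@, @O@ and @CN@ are placeholders chosen here.
csr_template() {
    cat <<'EOF'
[ req ]
prompt             = no
distinguished_name = dn

[ dn ]
C  = @C@
O  = @O@
CN = @CN@
EOF
}

# Accept 1..64 characters from: letters, digits, space, '.', ',' and '-'.
# Newlines, '=', '[', '$', '/', '&' and '\' are all rejected, so a field can
# neither start a new config line or section nor alter the sed expression.
valid_field() {
    [ -n "$1" ] || return 1
    [ "${#1}" -le 64 ] || return 1
    # Delete every allowed character; only the '#' sentinel may remain.
    # (The sentinel keeps $(...) from hiding a trailing newline.)
    [ "$(printf '%s#' "$1" | LC_ALL=C tr -d 'A-Za-z0-9 .,-')" = "#" ]
}

# usage: render_csr_config COUNTRY ORGANIZATION COMMON_NAME
# Writes the filled-in config to stdout, or fails without output.
render_csr_config() {
    for v in "$1" "$2" "$3"; do
        valid_field "$v" || { echo "rejected form field" >&2; return 1; }
    done
    [ "${#1}" -eq 2 ] || { echo "country must be two characters" >&2; return 1; }
    csr_template | sed -e "s/@C@/$1/" -e "s/@O@/$2/" -e "s/@CN@/$3/"
}

# usage: make_csr COUNTRY ORGANIZATION COMMON_NAME KEYFILE CSRFILE
# Renders the config to a scratch file and runs 'openssl req' in batch mode.
make_csr() {
    cfg=$(mktemp) || return 1
    if render_csr_config "$1" "$2" "$3" > "$cfg"; then
        ( umask 077   # new private key readable by its owner only
          openssl req -new -batch -config "$cfg" \
              -newkey rsa:2048 -nodes -keyout "$4" -out "$5" ) && rc=0 || rc=$?
    else
        rc=1
    fi
    rm -f "$cfg"
    return "$rc"
}
```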



Re: [openssl-users] Re: openssl req -x509 does not create serial-number 0

2006-02-28 Thread Mark H. Wood

I think that part of the difficulty here is the words used.  Our
experience in other areas is overwhelmingly in favor of serial number
being a sample from a counter that starts at 0 or 1 and is incremented by
1 every time it's consulted.  So we see a field described as a serial
number and ask why it isn't behaving properly.  It's too bad the standard
calls this attribute a serial number rather than, say, certificate
unique identifier, but the term is fixed now.

-- 
Mark H. Wood, Lead System Programmer   [EMAIL PROTECTED]
Open-source executable:  $0.00.  Source:  $0.00  Control:  priceless!



Re: Does a root CA need two certificates?

2005-01-19 Thread Mark H. Wood

On Wed, 19 Jan 2005, Richard Levitte - VMS Whacker wrote:
> In message [EMAIL PROTECTED] on Wed, 19 Jan 2005 11:47:25 +, Shaun
> Lipscombe [EMAIL PROTECTED] said:
[snip]
> shaun.lipscombe> Just search any keyserver for Superman and I'm sure
> shaun.lipscombe> you'll find someone that claims to be Superman for
> shaun.lipscombe> example.
>
> Claims it in what way?  You mean as part of the real name or as part
> of the email address?  Either way, what stops anyone claiming the same
> in the X.509/PKIX world?  That's not the point either way, the point
> is if you trust the claim, or if you trust someone who would trust
> that claim.  That kind of trust can be handled, both in the OpenPGP
> world and the X.509/PKIX one.

Claims it in what way? is in fact an extremely important question.  I
have little doubt that someone could find a judge willing to allow him to
change his legal name to Superman.  After that it would say Superman
on his business cards, bank accounts, utility bills, etc. and it would be
reasonable to say that that person's name is Superman, or, here, let me
give you a copy of Superman's email certificate.

None of that says anything about whether the individual in question is the
comic-book hero, able to fly, crush charcoal into diamonds in his hand,
reflect bullets with his unprotected flesh, a native of Krypton, etc.
It's necessary to think about what his name is Superman means, and
whether that meaning is of any use in determining the kind of identity you
want to prove.  The same is true of X.509 or OpenPGP certificates, or
really any other identifier.  It's always necessary to decide what it is
you want to know, before accepting something as identification.

-- 
Mark H. Wood, Lead System Programmer   [EMAIL PROTECTED]
Open-source executable:  $0.00.  Source:  $0.00  Control:  priceless!



Re: Securing a CA

2004-04-22 Thread Mark H. Wood

Um, feel free to point me elsewhere, but I'm having trouble visualizing
what's being discussed.  I keep reading branched certificate chain, but
what I understood from the description is like this:

Before: OurRoot ---> Level1 ---> EndUsers
After:  IdenTrust ---> OurRoot ---> Level1 ---> EndUsers

where the arrow is pronounced signed.  In what way is this branched?

Now, if you did it this way:

Before: OurRoot ---> Level1 ---> EndUsers

        OurRoot   \
After:             --> Level1 ---> EndUsers
        IdenTrust /

(That is, two roots have signed the Level1 CA's cert.) then I could see
calling it branched, and that a very simple verification algorithm could
be confused.  But multiple signatures don't seem to be allowed by the
ASN.1 definition of Certificate that I find in RFC3280, so this can't
happen.

I guess that the branching is actually this:  the verification code
reaches a point at which it is known that a certificate for OurRoot is in
our store of trusted roots, and *also* that a different, non-selfsigned
certificate was provided by the other end.  The code could:

o  check first in its own store, when verifying Level1, see a selfsigned
   cert. that is trusted, and consider the chain completed;

o  check first in the stack of cert.s offered in the exchange, see that
   OurRoot is itself a subordinate cert., and continue chaining back to
   IdenTrust;

o  check *both*, note a discrepancy, yell bloody murder! and ask the
   user for a decision.

If I've misunderstood the problem, what would you recommend I read?

-- 
Mark H. Wood, Lead System Programmer   [EMAIL PROTECTED]
Open-source executable:  $0.00.  Source:  $0.00  Control:  priceless!



RE: introduction

2003-03-14 Thread Mark H. Wood
On Thu, 13 Mar 2003, Boyle Owen wrote:
> SSL and mail? Usually, SSL is used to secure the communications between
> a webserver and its clients. I guess you could encrypt SMTP traffic but
> I've never done it (no doubt someone else will comment on this).

The SMTP verb is STARTTLS.  See RFC 3207.  Something like this is also
defined for POP, IMAP, ACAP, and some others.

I've been toying with the idea of inventing a new UUCP protocol to provide
authentication and secure transport using TLS (but there's no code yet).
There are lots of uses for something like TLS, beyond web stuff, and
probably many more yet to be discovered.

-- 
Mark H. Wood, Lead System Programmer   [EMAIL PROTECTED]
MS Windows *is* user-friendly, but only for certain values of user.



Re: Queries on SubjAltName

2003-01-28 Thread Mark H. Wood
On Tue, 28 Jan 2003, Kiyoshi WATANABE wrote:
> > > Any pointers on how to generate certificates using SubjAltName extension.
> >
>
> > As with all extensions doc/openssl.txt
>
> Many people including me are asking the similar questions. Do you
> think that it is a good idea to mention about this document in
> openssl.cnf file as a comment?

Second the motion.  Also, openssl.txt is a rather obscure name
considering that the document is narrowly focused on two aspects of the
package.  Shouldn't it be split into X509V3-extensions.txt and
PKCS12-library.txt or something like that?

-- 
Mark H. Wood, Lead System Programmer   [EMAIL PROTECTED]
MS Windows *is* user-friendly, but only for certain values of user.




Re: free Certificate Authority

2002-11-04 Thread Mark H. Wood
On Fri, 1 Nov 2002, Xperex Tim wrote:
> I don't really see the value of free certificates.  If they are free
> that means that the CA can't be doing any identity checks.  So any
> schmoe can get a certificate with your name on it and claim to be you.

I agree that such cert.s are essentially anonymous.  They are worthless
for identifying *persons*.  They can be useful for identifying an email
account (if that is of any use) and they are quite useful for initializing
secure channels.  I would be willing to accept evidence of possession of
such a cert. as proof of identity *if* I had verified that binding by
other means.  I would be willing to accept the integrity of an SSL session
initialized by the use of such a cert. even though I might require further
proof that the session's payload was true at the point of origin.

The underlying point here is that evidence of possession of a given
certificate can be used to verify a wide variety of things, but each type
of identity requires a different kind of investigation before a binding
can be trusted.  I am the person who sent you the previous packet is an
entirely different assertion from I am the person whom you met in Chicago
on date D or I am the person X named in Y's will.

-- 
Mark H. Wood, Lead System Programmer   [EMAIL PROTECTED]
MS Windows *is* user-friendly, but only for certain values of user.




Re: Upgrading openssl

2002-08-13 Thread Mark H. Wood

I just checked, and here Apache and OpenSSH both link to the shared
OpenSSL libraries.  If yours were also linked with the shared libraries,
then a new patch release should just drop in.  You'll need to exit and
restart sshd and httpd before they'll start using the new libraries,
though.

If you have other products which depend on OpenSSL you should check to see
if they use the shared libraries.  If your system uses Gnu binutils, you
should have an 'ldd' command which lists the shared libraries used by an
executable.  If you don't have 'ldd', see your OS vendor's documentation.

Anything which is statically linked with code from the library archives
will need to be rebuilt before it can use the updated libraries.

-- 
Mark H. Wood, Lead System Programmer   [EMAIL PROTECTED]
MS Windows *is* user-friendly, but only for certain values of user.




Re: Errors

2002-06-04 Thread Mark H. Wood

On 4 Jun 2002, Shalendra Chhabra wrote:
> 1. I am able to generate Certificate and Private Key
> using command line options in Openssl.
> can someone tell me are they considered good? and if they are good
> why do we need Certificates from companies like
> Microsoft, Verisign???

Considered good by whom, and what does good mean?  Certificates produced
using OpenSSL ought to be just as good in the mathematical sense as anyone
else's.  What those certificates *mean* depends on just how hard the
issuer works to prove that the entity requesting the certificate is
providing a valid identity to be bound to the requested certificate.

Certificates from recognized commercial CAs have considerable value
because we believe that those CAs do a reasonable job of verifying
identity.  Certificates issued by the experimental OpenSSL-based CA I have
on my office workstation have no particular value, and in fact my CPS says
so.  Certificates issued by random CAs set up with Microsoft's cert.
management tools have value in proportion to the trust you place in the
person running the CA and the security of the CA host machine.

Commercial certificates for e.g. web servers have other value as well, in
that most Web browsers will already be set up to trust those CAs.  If you
mint your own cert.s using OpenSSL or the Windows gadget, nobody will have
heard of your CA so you have to convince them that you're trustworthy
before they'll add your CA's self-signed cert. to their store of trusted
authorities.  (Of course, some people don't require much convincing.)  A
private CA is probably best used for internal projects only, since it's a
lot easier to develop the necessary trust within a small, closed
community.

The MS gadget has one other thing going for it:  it's all wrapped up in a
pretty package so that you can just push a few buttons and have a private
CA ready for use.  OTOH OpenSSL lets you see what it is doing, and it's
flexible enough to do a lot more than just issue magic numbers.

-- 
Mark H. Wood, Lead System Programmer   [EMAIL PROTECTED]
MS Windows *is* user-friendly, but only for certain values of user.




Re: [openssl-users] I'm confused on the big picture. Help?-------=========--------}}}}}}}}

2002-05-16 Thread Mark H. Wood

On 15 May 2002, Eric Rescorla wrote:
> Chris Cleeland [EMAIL PROTECTED] writes:
> > On Wed, 15 May 2002, John Jones wrote:
[snip]
> > > Steps I vaguely see, please help me if you can:
> >
> > > 2) I need to use the command line utility that comes with OSSL to make
> > >    uh..what?  A private key? A certificate?  The user will never see
> > >    this stuff, hopefully.
> >
> > Yes, and Eric's book doesn't really address these issues much.  I haven't
> > really found any book that does in a clear and concise way.
> Yeah, I don't address this at all, really. John Viega's new book
> Network Security With OpenSSL should cover this, but it's not
> available yet. For the moment, you'll have to read the OpenSSL docs.

Adams & Lloyd's _Understanding Public-Key Infrastructure_ is what I'm
reading right now to try to understand what objects I need, what to put in
them, and how to handle them once I've got them.  It's not *too* old
(1999) and seems to be a thorough survey of the issues.  There's nothing
at the level of detail that would allow its use as an OpenSSL cookbook --
sometimes I feel I paid $50 for a list of RFCs -- but it's good for
getting a broad view of the topic.

It's probably better in the long run to understand things at that level,
than to have specific commands all laid out for one.  I figure that I
ought to come away with a deeper understanding of what I'm doing, if I
work out the abstract requirements and then translate to OpenSSL
specifics.

I do think I'll have a look at _Network Security with OpenSSL_ when it
comes out, though.

-- 
Mark H. Wood, Lead System Programmer   [EMAIL PROTECTED]
MS Windows *is* user-friendly, but only for certain values of user.




RE: Which product to buy?

2002-05-14 Thread Mark H. Wood

On Tue, 14 May 2002, Franck Martin wrote:
[snip]
> Who can't see that this message is digitally signed and do you know why?

I can see that it is signed, but pine doesn't know what to do with an
Application/X-PKCS7-SIGNATURE bodypart.

-- 
Mark H. Wood, Lead System Programmer   [EMAIL PROTECTED]
MS Windows *is* user-friendly, but only for certain values of user.




Re: Is OpenSSL Production Ready?

2002-04-08 Thread Mark H. Wood

On Sat, 6 Apr 2002, Jeffrey Altman wrote:
> There is an answer to this of course.  It is do not link against
> OpenSSL but instead load the libraries and functions manually as
> OpenSSL does with the DSO interface.  Then the two programs are
> separate with separate licenses.

Thank you! I hadn't thought of that, and it sounds like fun too.

-- 
Mark H. Wood, Lead System Programmer   [EMAIL PROTECTED]
MS Windows *is* user-friendly, but only for certain values of user.




Re: Is OpenSSL Production Ready?

2002-04-05 Thread Mark H. Wood

On Thu, 4 Apr 2002, Michael Kobar wrote:
[snip]
> Perhaps OpenSSL.org should accept and post commercial product names
> and/or start a voluntary OpenSSL Inside type branding program (like
> the powered by Apache logo).

Watch out for that xxx Inside.  I hear that Intel is suing some
nonprofit for daring to call themselves Yoga Inside, on the (ludicrous
IMHO) grounds that that name harms their trademark.

-- 
Mark H. Wood, Lead System Programmer   [EMAIL PROTECTED]
MS Windows *is* user-friendly, but only for certain values of user.




Re: Is OpenSSL Production Ready?

2002-04-05 Thread Mark H. Wood

On Thu, 4 Apr 2002, Lutz Jaenicke wrote:
> To be precise: according to the OpenSSL license every program that uses
> the library and advertises its SSL capabilities also must advertise the
> use of OpenSSL.

Actually this is a problem -- it means you can't link OpenSSL libraries
with any GPLed code which you intend to distribute.  I'm facing the
necessity of having to use the not-quite-ready-for-prime-time GNUtls
package instead of OpenSSL for a project I'm contemplating, because it
builds on an application licensed under the GPL.  (And I have no idea how
hard it's going to be to get *both* compatibly installed on one box.)

IIRC the Ethereal folk have also run up against this problem.

I'm not asking for anything at this time; I just wanted to provide a
couple of data points.

-- 
Mark H. Wood, Lead System Programmer   [EMAIL PROTECTED]
MS Windows *is* user-friendly, but only for certain values of user.




RE: Duplicate Posts

2002-03-20 Thread Mark H. Wood

On Mon, 18 Mar 2002, Andrew T. Finnell wrote:
> See that is quite strange. My assumption is I don't think it has to do
> with the Mailing list server itself but rather your Mail Client
> applications.  Why not post the clients everyone is using that is
> receiving duplicate posts? If they are all the same then it's a safe bet
> it's the client. I am subscribed multiple times under different accounts
> and have never received duplicate posts and I use Outlook XP.

My copy goes to Sendmail 8.9.3 run by the campus computing mavens, is
forwarded to Smail 3.2.0.112 on my own system, passes through procmail
3.14 to be sorted into various mailboxes, and is read using pine 4.33.

Here some posts are multiplied up to five times, and some are not.  That
suggests a gateway which is common to some, but not all, posters.

-- 
Mark H. Wood, Lead System Programmer   [EMAIL PROTECTED]
Our lives are forever changed.  But *that* is exactly as it always was.




Re: PKI book in relation to VPNs

2001-12-06 Thread Mark H. Wood

On Wed, 5 Dec 2001, Matt Sauve-Frankel wrote:
> > maybe I should have targeted SSL and TLS differently :))
>
> God forbid,
>
> your book is about as good as it ever gets...
>
> thank you for writing it, it's a gem...

Hear, hear!  There is plenty of material out there for people who want to
buy something off the shelf, slam it in, do five minutes of cookbook
setup, and forget it ever happened.  It's much harder to find books which
promote actual *understanding*.

-- 
Mark H. Wood, Lead System Programmer   [EMAIL PROTECTED]
Our lives are forever changed.  But *that* is exactly as it always was.




Re: ASN.1 encoding of negative integers

2001-10-17 Thread Mark H. Wood

On Wed, 17 Oct 2001, Vadim Fedukovich wrote:
> what are the rules or known-good examples of negative number encoding?
> I'm trying to encode -2 as part of currency-amount-power sequence
> and Peter Gutmann's dumpasn1 tool shows it as -254.

It surely looks like a simple error in the dump tool, to me.  An eight-bit
signed value of -2 would be 254 if interpreted as unsigned.

I can recommend Olivier Dubuisson's book on ASN.1, but my copy is at home
now so I can't refer to it.

-- 
Mark H. Wood, Lead System Programmer   [EMAIL PROTECTED]
Make a good day.
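
The two's-complement rule behind the reply above, as an added example that is not part of the original thread: a DER INTEGER carries its value as minimal big-endian two's-complement octets, so -2 encodes as 02 01 FE, and the FE octet read without sign extension is 254. The function names are hypothetical and the code handles only values that fit in 64 bits.

```c
#include <stdint.h>
#include <stdio.h>

/* Encode v as a DER INTEGER: tag 0x02, short-form length, minimal
 * two's-complement content. out needs 10 bytes. Returns bytes written. */
size_t der_encode_int(int64_t v, unsigned char *out)
{
    unsigned char be[8];
    uint64_t u = (uint64_t)v;               /* two's-complement bits */
    size_t start = 0;
    for (size_t i = 0; i < 8; i++)
        be[i] = (unsigned char)(u >> (56 - 8 * i));
    /* Drop a leading 00 before a clear top bit, or FF before a set one. */
    while (start < 7 &&
           ((be[start] == 0x00 && !(be[start + 1] & 0x80)) ||
            (be[start] == 0xFF && (be[start + 1] & 0x80))))
        start++;
    out[0] = 0x02;
    out[1] = (unsigned char)(8 - start);
    for (size_t i = start; i < 8; i++)
        out[2 + i - start] = be[i];
    return 2 + (8 - start);
}

/* Decode a DER INTEGER (at most 8 content octets); 0 on success, -1 on error. */
int der_decode_int(const unsigned char *in, size_t len, int64_t *v)
{
    if (len < 3 || in[0] != 0x02 || in[1] == 0 || in[1] > 8 ||
        (size_t)in[1] + 2 != len)
        return -1;
    /* DER forbids non-minimal content such as FF FE for -2. */
    if (in[1] > 1 && ((in[2] == 0x00 && !(in[3] & 0x80)) ||
                      (in[2] == 0xFF && (in[3] & 0x80))))
        return -1;
    uint64_t u = (in[2] & 0x80) ? UINT64_MAX : 0;   /* sign-extend */
    for (int i = 0; i < in[1]; i++)
        u = (u << 8) | in[2 + i];
    *v = (int64_t)u;
    return 0;
}

/* The content octets read without sign extension: FE becomes 254. */
uint64_t content_unsigned(const unsigned char *in)
{
    uint64_t u = 0;
    for (int i = 0; i < in[1]; i++)
        u = (u << 8) | in[2 + i];
    return u;
}

int main(void)
{
    unsigned char buf[10];
    size_t n = der_encode_int(-2, buf);
    for (size_t i = 0; i < n; i++)
        printf("%02X ", buf[i]);
    printf("unsigned: %llu\n", (unsigned long long)content_unsigned(buf));
    return 0;
}
```

A positive 254 needs a leading zero octet (02 02 00 FE), which is how a decoder tells it apart from -2.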




Re: Wasn't someone joking about the virus being posted by an autoresponder

2001-08-23 Thread Mark H. Wood

On Wed, 22 Aug 2001, Caliban Tiresias Darklock wrote:
> Just out of curiosity, why are attachments allowed on the list in the
> first place? Is there any legitimate reason for it?

Well, why not?  Is there any legitimate reason *not* to?

-- 
Mark H. Wood, Lead System Programmer   [EMAIL PROTECTED]
Make a good day.




Re: OpenSSL on itanium [going offtopic]

2001-08-22 Thread Mark H. Wood

On Tue, 21 Aug 2001, chirs charter wrote:
> Nice observations. The alpha is gone now? When did DEC
> discontinue it?

DEC was discontinued.  Its corpse was dismembered and sold to various
companies, and Compaq got most of the silicon designs (including the aXp
and the DS21x4x Tulip Ethernet chip) after the manufacturing facilities
were sold to Intel.*  Now Compaq has sold the processor design itself to
Intel, prompting fears that it will die as soon as existing contracts
expire.  Maybe at least Intel will finally learn something about computer
organization by studying it.

--
* Cabletron got most of the networking gear, Quantum acquired the disk and
tape drives, and Oracle got RDB.  Compaq also got the VAX and Alpha gear
and the StorageWorks unit.  Some outfit I'd never heard of got the
terminals and printers unit and was still making VT5xx last I heard.
Anybody know whatever happened to the Dragon graphics chip?

-- 
Mark H. Wood, Lead System Programmer   [EMAIL PROTECTED]
Make a good day.




Re: Please reconfigure majordomo to not set Reply-To (was: Failed to clean virus file Emanuel.exe)

2001-08-21 Thread Mark H. Wood

On Tue, 21 Aug 2001, Lance Paine wrote:
> I'm in agreement, there is a reason that most mailers have a Reply-All or
> Reply-Group function after all. Don't munge Reply-To!

Well, if it's *replacing* Reply-to: on incoming mail, that's definitely
broken.  However it is perfectly reasonable for a list reflector to *add*
this header, and I appreciate the service.

Besides, I'm getting a nice list of virus-scanner companies that don't
know how to write proper autoresponders. :-/

-- 
Mark H. Wood, Lead System Programmer   [EMAIL PROTECTED]
Make a good day.




Re: Exportable cipher suite

2001-02-19 Thread Mark H. Wood

On Fri, 16 Feb 2001, Patrick Li wrote:
> Thanks for the information.  Does that mean there are no longer restrictions
> on using any of the cipher suites specified by TLS or SSL outside of the US?
>
> Sorry for a simple question.  But is it still the case that only Canada and
> US are allowed to use browsers with 128 bit encryption strength?

Who is the party who would allow one nation but not another to use an
algorithm, and punish infractions?  You should check with local laws at
the point of use to find out what you are permitted to *use*.  The U.S.
once had rather severe restrictions on what encryption *products* could be
*exported*, but citizens could *use* whatever would work so long as they
didn't try to send the software *itself* out of the country.  (One
exception is amateur radio, which used to be *heavily* restricted as to
the nature of the signal used to modulate the carrier.  This was many
years ago, and I don't know the current situation.)

The U. S. still maintains a pretense of regulation, though it is very much
relaxed.  You should get advice from an attorney with experience in export
law before attempting to export from the U.S. or Canada any given
technology for secure communication.

-- 
Mark H. Wood, Lead System Programmer   [EMAIL PROTECTED]
Make a good day.




RE: Apps over SSL

2000-09-18 Thread Mark H. Wood

On Fri, 15 Sep 2000, Soul Fire wrote:
> Thanks for the direction. I know that openssh would replace the need for
> telnet right off the bat but does it allow for other apps to ride over
> the encrypted stream as well?

OpenSSH automagically sets up a tunnel for the X Window protocol, and I've
also used it to tunnel VNC sessions.  It's not too hard to set up.  See
the documentation for details.

Here's a shellscript that I wrote to encapsulate the gory details of VNC
tunnelling:

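#! /bin/sh
# Usage: <script> vnc-host
# Tunnel local port 5900 (display :0) through $GATEWAY to display :2 on vnc-host.

[ $# -eq 1 ] || { echo "usage: $0 vnc-host" >&2; exit 2; }

GATEWAY=${VNC_GATEWAY-rahal}

# -f backgrounds ssh after authentication; 'sleep 10' holds the forward
# open long enough for vncviewer to connect.
ssh -L "5900:$1:5902" -x -f "$GATEWAY" 'sleep 10'
vncviewer -encodings "copyrect hextile" localhost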

$GATEWAY is the name of the machine at the other end of the tunnel.  VNC
uses ports 5900-up.  The 'sleep 10' command is probably needed only
because I don't know more about controlling ssh properly.

Further discussion of ssh ought to move to [EMAIL PROTECTED] or
comp.security.ssh .

-- 
Mark H. Wood, Lead System Programmer   [EMAIL PROTECTED]
2000-05-05 13:27:15 GMT -- still no icebergs in the White River




Compiling against OpenSSL built with no-idea?

2000-05-28 Thread Mark H. Wood

Since I'm in the U. S., I have to build OpenSSL without IDEA.  Okay, I do
that and 0.9.5a builds without incident.

Then I try to build OpenSSH 2.1.0 against that, and I get basketsful of
messages complaining that evp.h tried to include a nonexistent idea.h .
Suggestions?  How should evp.h be informed that IDEA is to be ignored?

-- 
Mark H. Wood, Lead System Programmer   [EMAIL PROTECTED]
2000-05-05 13:27:15 GMT -- still no icebergs in the White River




Re: Verisign/NSI/Thawte monopoly

2000-03-31 Thread Mark H. Wood

On Thu, 30 Mar 2000, Thomas Reinke wrote:
> [EMAIL PROTECTED] wrote:
> > So it seems to me that while the cert may certify that said organization
> > is who they say they are - nobody seems to ask if who they say they are
> > has any relevance to anything.
>
> [snip]
>
> Look back to the problem it is solving
>   a) SSL makes sure no-one can intercept communications meant to be
>      private
>   b) Certificates authenticate that the person is who they say they
>      are.

???  This is not a statement of a problem.  What is the problem that is
solved by these properties, and how does that relate to a problem that
someone actually wants to solve?

> Trust goes to trusting that second statement, not the trustworthiness
> of the company behind the statement.

If we don't trust the CA, why should we trust the cert.s that it issues?
What basis would we have for trusting A's certification that a certificate
asserting that it belongs to B was in fact issued to B, other than to trust
that A has diligently investigated the requestor's claims and met our
standards for establishing that that person is in fact B?

-- 
Mark H. Wood, Lead System Programmer   [EMAIL PROTECTED]
"Where's the kaboom?  There was supposed to be an Earth-shattering kaboom!"
 -- Marvin Martian, 01/01/2000 00:00:00




Re: Verisign/NSI/Thawte monopoly

2000-03-31 Thread Mark H. Wood

On Thu, 30 Mar 2000 [EMAIL PROTECTED] wrote:
> You missed my point.  Read on...
>
> >   b) Certificates authenticate that the person is who they say they
> >      are.
> >
> > Trust goes to trusting that second statement, not the trustworthiness
> > of the company behind the statement.
> >
>
> People in general presume that when they see the little key that they are
> dealing with a "bonified" business.  Yes, I know that the certification
> process does not do this.  And since it doesn't do this it isn't worth
> much.

Now I am surprised.  The key only means that you have a reasonably secure
channel to an unknown endpoint.  Do lots of people really believe that it
means any more than that?  That is frightening.

-- 
Mark H. Wood, Lead System Programmer   [EMAIL PROTECTED]
"Where's the kaboom?  There was supposed to be an Earth-shattering kaboom!"
 -- Marvin Martian, 01/01/2000 00:00:00




Re: Commercial SSL in the US

2000-03-10 Thread Mark H. Wood

On Thu, 9 Mar 2000, Leland V. Lammert wrote:
> At 05:10 AM 3/9/00 , you wrote:
>   Wow.  I'm at a loss here.  Does anyone know of any
> way that my (tiny) company can legally use SSL for
> commercial purposes in the US without paying an obscene
> amount of money to RSA or buying an obscenely expensive
> web server system from a vendor?
>
> Yes. It's called OpenSSL. Export regulations were relaxed this January,
> .. and while there are many issues to be resolved, it essentially means
> that WE can IMPORT anything in the public domain without a problem.

You're talking about export controls, and he's asking about
intellectual-property law.  Different animals.  W.r.t. RSADSI's code,
"commercial use" probably means what RSADSI says it means.  Their patent
is still as valid as it ever was until late this year when it expires, so
in the U.S. you have to use their code and obey their license until then.

-- 
Mark H. Wood, Lead System Programmer   [EMAIL PROTECTED]
Definitely NOT a lawyer.





Re: OpenSSL and Mac OS and export fun

1999-11-22 Thread Mark H. Wood

On Sat, 20 Nov 1999, Wilfredo Sanchez wrote:
> Dr Stephen Henson [EMAIL PROTECTED]:
> | I'm no expert but what you are suggesting sounds like "crypto with a
> | hole" which has been asked about before and people have been told it's
> | illegal.
>
>   I'm aware of this rumor, though I've never once heard it said by
> someone who had actually discussed it with the government.
>
>   In any case, I had this in mind when I was talking to the NSA and
> explicitly brought it up multiple times to make sure they understood
> what I was doing, and in all cases they said OK.

Can you get it in writing?  It is difficult to get telephone conversations
into court.  Each party contrives to remember them differently.

-- 
Mark H. Wood, Lead System Programmer   [EMAIL PROTECTED]
Please, no more software products offering a "richer experience"!  I have
indigestion of the brain already.  Give me a more ascetic experience.




Re: OpenSSL and Kerberos, again

1999-01-16 Thread Mark H. Wood

On Wed, 17 Nov 1999, Wilfredo Sanchez wrote:
[quote from me snipped]
>   I believe krb5 1.1 uses the name libkrb5crypto.a.  It wouldn't
> hurt for OpenSSL to use a less generic name, though.

*sigh*  It looks like I picked up 1.0.6 just hours before 1.1 was
released.  Thanks, everybody.  I'll look through the stuff that 1.1 is
known to break and see if I can safely upgrade.  (Then I'll have to tweak
ssh)

-- 
Mark H. Wood, Lead System Programmer   [EMAIL PROTECTED]
Please, no more software products offering a "richer experience"!  I have
indigestion of the brain already.  Give me a more ascetic experience.
