Issue is fixed.
So long as it's OK to generate the same random bytes at each power-on.
This is quite a common problem with embedded devices: even after boot it
can be hard to find entropy with which to seed the PRNG. The usual
sources which are used in a PC environment (keystrokes, ethernet
Regards
Chris Gray
On 11 January 2014 19:46, M. V. bored_to_deat...@yahoo.com wrote:
Hi everybody,
I'm writing an application that creates multiple non-blocking SSL
connections to an https server, in each one I send a request and read
the
server's response. my problem is, whatever I do, I can't
-
What this article says is this: if you *received* data from TCP
connection it will be without duplication or losing data. It doesn't
say: if you *send* data it will be received correctly by other host.
It's impossible to garantee.
--
Andrey Koltsov
With TCP you basically don't know
Hi all,
Anyone have experience of using ACs, or know where practical examples can be
found? I've been reading RFC 3281, but it would be nice to look at some
real-world code ...
Thanks,
--
Chris Gray/k/ Embedded Java Solutions BE0503765045
Embedded Mobile Java, OSGihttp
? The web page
mentions a serious problem with SHA-1 which will be fixed in the next
version ...
BTW what is GSS-API (RFC 2853), which also turned up in my searches? I know it
stands for Generic Security Service, but where does it fit into the puzzle?
TIA,
Chris
--
Chris Gray/k/ Embedded
, but creating a new one would be a
Bad Thing.
Thanks,
Chris
--
Chris Gray/k/ Embedded Java Solutions BE0503765045
Embedded Mobile Java, OSGihttp://www.kiffer.be/k/
[EMAIL PROTECTED] +32 3 216 0369
could have
a different PRNG).
Any ideas, documentation pointers, etc.?
Best wishes
--
Chris Gray /k/ Embedded Java Solutions
Embedded Mobile Java, OSGihttp://www.kiffer.be/k/
[EMAIL PROTECTED] +32 3 216 0369
As the maintainer of an alternative JavaVM I can confirm that we
absolutely had to support library unloading because one customer was using
it heavily - and that was quite a few years ago. Early Sun VMs didn't
support library unloading, but then those VMs also did not garbage-collect
obsolete
What is the security risk?
Management ? :)
There could be a perceived problem that the world now knows that company
X has problems with OpenSSL, and a competitor could even try to make
mischievous use of this information - it happened to me once (with
another technology).
Death of developer
> On Wed, Mar 2, 2016 at 12:27 PM, Neptune wrote:
> [...]
> You can perform initialization in a static C++ ctor, but it can be
> tricky because the C++ committee has never addressed the problem of
> initialization order across translation units. Also see What's the
> "static
we
and our customers use (which includes OpenSSL).
Thanks for any indications
Chris Gray
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
You should be able to do this using stunnel: see for example
https://www.elastic.co/guide/en/cloud/current/tunneling-ssl.html
where your telnet commands would be the "client which supports only http".
But you can also learn a lot by playing with curl ...
> I know that this is a TLS related
?
Note that we are not only talking about servers here, rather we currently
have only one internet-facing server (HTTPS) and a growing number of
XXX-over-TLS clients, so if anything these are a greater source of
concern.
Any pointers are very welcome!
Chris Gray
--
openssl-users mailing list
> Of course people have been harvesting entropy, or trying to, from network
> sources for decades. There's a famous paragraph regarding it in RFC 4086,
> which is an expanded version of a similar statement from RFC 1750 (1994):
>
> Other external events, such as network packet arrival times
I've also encountered this quite often, and I have a feeling that on
today's connected devices there may be a lot of entropy "in the air"
(quite literally) which is not being captured. Does any one know of
research in this area?
> Hi Scott
>
> I donât know your OS or environment, have you
As it happens I am the proud owner of a made-in-UK Mathmos Lava Lamp and a
couple of their Space Projectors : however I don't use them as a RNG.
I am thinking more about the fact that there are a lot of devices which
* have no hardware TRNG on board
* do have one or more connections to wired or
A bit off-topic but is it also a good idea to follow these guidelines in
non-browser use cases, for example for a client certificate which is used
to autenticate on a TLS connection which will be used for another protocol
such as MQTT? In this case the SubjectCN looks like a "natural" place to
put
17 matches
Mail list logo