RE: Inclusion of FIPS

2004-05-13 Thread Marquess, Steve Mr JMLFDC
Title: RE: Inclusion of FIPS Jeffrey Altman wrote There are a couple of things that have been bothering me. (1) I'm not sure the use of .SHA1 files is going to work long term on Windows. First, they are unmanageable when it comes to patches. Second, Windows itself modifies the .EXE/.DLL

Re: OpenSSL error: sslv3 alert bad record mac (fwd)

2004-05-13 Thread David Maurus
Hi, this (openssl-dev) is indeed the wrong list. openssl-users might be better suited, but your problem seems to be application / configuration related. imapd-ssl: couriertls: read: error:140943FC:SSL routines: SSL3_READ_BYTES:sslv3 alert bad record mac I've had 'bad record mac' errors when

Has OpenSSL already checked that there is no influence of [NISCC-006489/SMIME] ?

2004-05-13 Thread Jun Kazama
Dear, Has OpenSSL already checked that there is no influence of [NISCC-006489/SMIME] ? Did the OpenSSL development team use the NISCC test suite for S/MIME ? Since it did not understand whether it checked, it mailed. [NISCC-006489/SMIME]

FIPS questions

2004-05-13 Thread Troy Monaghen
I have a couple of questions about the FIPS-140 stuff: 1) I don't see any Diffie-Hellman code in the fips part of the source tree except for the dh_test() function in fips_test_suite.c. Will DH be available to use in an application that will be running in FIPS mode without violating the

Re: Inclusion of FIPS

2004-05-13 Thread Jeffrey Altman
Steve: Thank you for the answer. Just fyi, I and Richard Levitte did spend time to get the code to work on Windows to the extent that was possible without an answer to the questions you have now answered. One concern with your answer is that it appears to imply that FIPS certification can

Re: Inclusion of FIPS

2004-05-13 Thread Richard Levitte - VMS Whacker
In message [EMAIL PROTECTED] on Thu, 13 May 2004 17:42:51 -0400, Jeffrey Altman [EMAIL PROTECTED] said: jaltman One concern with your answer is that it appears to imply that jaltman FIPS certification can only be useful to applications which jaltman statically link in all libraries. Therefore,

Re: Inclusion of FIPS

2004-05-13 Thread Ben Laurie
Jeffrey Altman wrote: Steve: Thank you for the answer. Just fyi, I and Richard Levitte did spend time to get the code to work on Windows to the extent that was possible without an answer to the questions you have now answered. One concern with your answer is that it appears to imply that FIPS

Re: Inclusion of FIPS

2004-05-13 Thread Michael Sierchio
Ben Laurie wrote: My understanding is that our security policy is that if you can show a chain of SHA-1 HMAC signatures from the certified source to whatever-it-is-you-are-running, then you are certified. We provide one mechanism to do that. You can provide others. Note that the chain of