Re: Format of X509 Certificate Validity

2007-05-22 Thread Richard Salz
The Z suffix indicates GMT/UTC timezone. You are seeing them displayed in your timezone. -- STSM Senior Security Architect DataPower SOA Appliances __ OpenSSL Project http://www.openssl.org Develo

Re: [PATCH] OpenSSL vs GCC 4.2.0

2007-05-22 Thread Dr. Stephen Henson
On Tue, May 22, 2007, Peter Hartley wrote: > Hi there, > > Having just downloaded GCC 4.2.0 and discovered that it can't build > OpenSSL (not even in the snapshots AFAICT), I'd like to offer a possible > solution. > > The earlier thread on openssl-dev explains that OpenSSL chooses to cast > the

Re: Format of X509 Certificate Validity

2007-05-22 Thread Goetz Babin-Ebell
--On May 22, 2007 16:01:41 -0700 Richard Kao <[EMAIL PROTECTED]> wrote: Hope someone can help me understand the validity date and time format of x509. For example, when connecting to https://401k.fidelity.com/, my IE shows it's cert validity is Valid from: August 30, 2006 5:00:00 PM Valid t

Format of X509 Certificate Validity

2007-05-22 Thread Richard Kao
Hi, Hope someone can help me understand the validity date and time format of x509. For example, when connecting to https://401k.fidelity.com/, my IE shows it's cert validity is Valid from: August 30, 2006 5:00:00 PM Valid to:August 31, 2007 4:59:59 PM Ethereal shows the same fields of t

Segfault inside RSA_eay_private_decrypt => BN_bn2bin

2007-05-22 Thread John Rowe
I have been having segfaults inside SSL when using the dovecot imap server, specifically within the imap-login process. It happens from within both 0.9.7a and 0.9.8e, but only with the Mac Mail client. The trace, when compiled with debug/efence, is: #0 BN_bn2bin at bn_lib.c:651 651

[PATCH] OpenSSL vs GCC 4.2.0

2007-05-22 Thread Peter Hartley
Hi there, Having just downloaded GCC 4.2.0 and discovered that it can't build OpenSSL (not even in the snapshots AFAICT), I'd like to offer a possible solution. The earlier thread on openssl-dev explains that OpenSSL chooses to cast the function pointers, not the parameters, to achieve type-safet

Re: [openssl.org #1521] bug report

2007-05-22 Thread Dmitri Dmitrienko via RT
> >- Original Message - >From: "Andy Polyakov via RT" <[EMAIL PROTECTED]> >To: <[EMAIL PROTECTED]> >Cc: >Sent: Sunday, May 20, 2007 4:42 PM >Subject: Re: [openssl.org #1521] bug report > >> Title: Failed to link static openssl libraries (or non-PIC x86_64cpuid.s) >> OS: FC4 >> HARDWARE:

Re: ECDSA verify fails when digest is all zeros in 0.9.8e

2007-05-22 Thread Bodo Moeller
On Thu, May 17, 2007 at 08:43:47AM -0700, [EMAIL PROTECTED] wrote: > This is not a problem with the algorithm or the protocol. It is a > bug in the implementation. Digest values that are zero are allowed > by the ANSI X9.62 (and there is no special case for them) and they > work fine in other im