Any chance of making progress on this?
As a reminder, the issue is that the Kerberos ciphersuites in OpenSSL do
not use the IDs defined in RFC2712, which obviously has negative effects
on interoperability.
Thanks,
Andreas.
]
Reply-To: IETF Transport Layer Security WG [EMAIL PROTECTED]
To: IETF Transport Layer Security WG [EMAIL PROTECTED]
-BEGIN PGP SIGNED MESSAGE-
Andreas Sterbenz wrote:
The SSL 3.02 spec (http://wp.netscape.com/eng/ssl3/draft302.txt) defines
it as SSL_FORTEZZA_KEA_WITH_RC4_128_SHA whereas
: Kerberos Ciphersuite IDs
Date: Thu, 25 Jul 2002 20:27:03 +0100
From: Andreas Sterbenz [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Hi,
I am looking at ssl/ssl3.h from 0.9.7-beta2 and the Kerberos ciphersuite
IDs don't seem to match the IDs given in RFC2712. I assume I am
Richard Levitte via RT wrote:
Hmm, there's a problem that haven't been addressed at all by the
IETF. SSLv3 contains the following as part of it's ciphersuite:
The final cipher suites are for the FORTEZZA token.
CipherSuite SSL_FORTEZZA_KEA_WITH_NULL_SHA = {
0X00,0X1C
Hi,
I am looking at ssl/ssl3.h from 0.9.7-beta2 and the Kerberos ciphersuite
IDs don't seem to match the IDs given in RFC2712. I assume I am missing
something obvious, could someone please enlighten me?
Thanks,
Andreas.
===
::ssl/ssl3.h::
#define SSL3_CK_KRB5_DES_40_CBC_SHA
Kevin Regan wrote:
26747:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version
number:s3_pkt.c:290:
This happens when I select TLSv1 on the Java side and
TLSv1_server_method on the OpenSSL side. TLSv1 on the Java side and
SSLv23_server_method (but not SSLv3_server_method) works
) with
iSaSiLk (the equivalent is done automatically if you do not have RSA code
installed). For more information about client authentication see the
certificates.html file from the iSaSiLk documentation.
Regards,
Andreas Sterbenz mailto:[EMAIL PROTECTED]
-Ursprüngliche Nachricht
t the 1024 bit export ciphers id 0x0060 and 0x0061
which are missing from the latest interdraft are still included.
Thanks,
Andreas Sterbenz mailto:[EMAIL PROTECTED]
smime.p7s
Shameless plug: see http://jcewww.iaik.at/iSaSiLkAppletEdition/light.htm
Does SSL 3.0 with RSA, DH, DES, 3DES, IDEA, and RC4 in a 42k compressed
JAR file on any JDK.
Andreas Sterbenz mailto:[EMAIL PROTECTED]
-Ursprüngliche Nachricht-
Von: David Murphy [EMAIL PROTECTED
could work around that
by making several requests and using ranges.
As an only partially related note, TLS explicitly allows any apropriate
padding length from 0-255 for block ciphers exactly to avoid attacks
based on message lengths at the record level.
Regards,
Andreas Sterbenz mai
months I really think
this should be considered for 0.9.4.
Andreas Sterbenz mailto:[EMAIL PROTECTED]
-Ursprüngliche Nachricht-
Von: Andreas Sterbenz [EMAIL PROTECTED]
An: [EMAIL PROTECTED]
Gesendet: Dienstag, 27. Juli 1999 16:16
Betreff: Version Selection Bug
Hi,
I
11 matches
Mail list logo