On Tue, Nov 18, 2008, Brad House wrote:
I'm pretty ignorant when it comes to FIPS, is this a limitation of the
FIPS requirements itself or a limitation of OpenSSL's FIPS validation?
It is a FIPS requirement.
Any idea how many root CAs use MD2WithRSAEncryption or any way to work
around
On Tuesday 18 November 2008 19:22:55 Sander Temme wrote:
On Nov 11, 2008, at 12:28 AM, Sander Temme wrote:
On Nov 2, 2008, at 9:19 AM, Sander Temme wrote:
The following compiles and tests cleanly on trunk and on the latest
snapshot of 0.9.8-stable (with offset 1 in e_chil.c). Also
I've been testing the openssl verify functionality.
I have the following chain:
server certificate
VeriSign Class 3 Extended Validation SSL CA
VeriSign Class 3 Public Primary CA - G5
The root CA and intermediate CA certificates are in my trusted CA
If the certificate chain cannot be built to a trusted root then none of
the keys can be trusted either. An attacker could build a totally bogus
chain using their own keys and valid signatures... but it would not be
valid because it would not chain to a trusted root.
Signature verification can be
Hi guys,
I finally found the problem... it was simply that I forgot to call the
function to initialize support for threads in the library.. now the code
runs smooth.
Thanks to those who helped me... :D
Later,
Max
Massimiliano Pala wrote:
Hi all,
I am working on a multi threaded OCSP server
Hi ,
I have a different requirement . I want to release openssl 0.9.8j has normal
openssl release . i donot want to release fips capable openssl . if i remove
the fips option in configure will it generate the normal openssl (with out
fips capabability) including all the functionality that are in