Thanks for the link.
Actually interresting with good advices.
It reminds us that a secure lib is not enough, we have to fight
themselves against too much lazyness or negligence.
Le 22/10/2012 20:56, toorandom a écrit :
What do you think?
For RSA and DSA signing operations I use an ENGINE that registers for RSA and
DSA and intercepts the private key operations in order to call out to CAPI.
I'm now trying to add support for ECDSA but the method structure for this is
private. What is the expected mechanism to utilize an engine
On 10/23/2012 10:50 AM, Erik Tkal wrote:
For RSA and DSA signing operations I use an ENGINE that registers for RSA and
DSA and “intercepts” the private key operations in order to call out to CAPI.
I’m now trying to add support for ECDSA but the method structure for this is
private. What is
On Thu, 18 Oct 2012 23:55:41 +0200 Andrey Kulikov wrote:
OpenSSL enables zlib by default.
Could you please advice for what version and platform this is true?
openssl-1.0.1c for linux-elf
has no-zlib configured by default.
Sorry, I asked the wrong way. OpenSSL, when compiled with zlib
On Tue, Oct 23, 2012, Tomas Hoger wrote:
On Thu, 18 Oct 2012 23:55:41 +0200 Andrey Kulikov wrote:
OpenSSL enables zlib by default.
Could you please advice for what version and platform this is true?
openssl-1.0.1c for linux-elf
has no-zlib configured by default.
Sorry, I
For those of us still using the 0.9.8-line, I see three options for addressing
CRIME:
1) recompile our OpenSSL libraries with compression disabled,
2) programmatically disable it for all SSL connections using
sk_SSL_COMP_zero() as described in the patches at
