On 28 May 2014 00:03, Viktor Dukhovni openssl-us...@dukhovni.org wrote:
On Tue, May 27, 2014 at 09:04:20PM +0100, Ben Laurie wrote:
It inspired my son, Felix, and I to think about a related idea:
generate random numbers which are inherently coprime to small primes.
Felix went on to implement
On 28 May 2014 01:47, mancha manc...@zoho.com wrote:
Fouque and Tibouchi [3] offer the differing view that it's preferable to
minimize bias and generate primes that are almost uniform even if it is
not immediately clear how such biases can help an adversary. They
suggest a few algorithms that
On 27 May 2014 11:11, Ben Laurie b...@links.org wrote:
On 27 May 2014 09:16, Joseph Birr-Pixton jpix...@gmail.com wrote:
To restate:
Callers of RAND_pseudo_bytes are either unreliable, or equivalent to
RAND_bytes. Do not use it.
Have I missed something? What are you referring to here?
On 5/27/14 12:56 AM, Stephan Mueller wrote:
Am Dienstag, 27. Mai 2014, 17:45:48 schrieb Peter Waltenberg:
Hi Peter,
Not quite correct, the prime rands shouldn't come from a DRBG, they
should come from an NRBG (NIST terminology). There's a considerable
difference between the performance of an
Hi,
it seems that the two discussions are somehow related
the idea of generating only prime candidates not dividible by small primes is
interesting but, due to incremental search, it will not apply to next candidates
however, it may be possible to use bit counting to perform a less biased walk
On 28 May 2014 13:32, nicolas@free.fr wrote:
Hi,
it seems that the two discussions are somehow related
the idea of generating only prime candidates not dividible by small primes is
interesting but, due to incremental search, it will not apply to next
candidates
a) The incremental
On 05/28/2014 01:08 AM, Deepak wrote:
I am writing an in house application where my main web server is apache
web server hosting the main web portal which is being accessed by HTTPS.
On one of the webpage I am establishing the connection to the socketio based
server using HTTPS again but
Hello,
I am sending changes that we have applied to the distribution of OpenSSL.
Enhancements are:
- engines/e_capi.c - Adding SHA2 to capi engine.
- crypto/x509v3/v3_lib.c - Prioritizing user X509V3_EXT_METHODover
standard X509V3_EXT_METHOD, which allow us to extend display of
Actually, I was proposing another way to perform incremental search using
divisibility properties
The fact is I agree with your b) point, I was trying to explain a way to do it
sorry if I didn't make myself clear
there are two main points :
- incremental search can be improved by testing less
Hi Libor
Many thanks for your submission. Please could your resubmit this with a
separate ticket for each item?
Having a single ticket for multiple issues makes it quite difficult for us to
track and manage - they may not all be reviewed at the same time, or by the
same person.
Thanks
Matt
Hi Daniel,
Thanks for looking in.
There are no issues with permission or path.
However below are the logs that I see on the server where I am using SSL
for gevent-socketio server.
Below is the log I see.
Traceback (most recent call last):
File
On 05/28/2014 11:47 AM, Deepak wrote:
Thanks for looking in.
There are no issues with permission or path.
This is starting to look like it might be an issue for socketio or
python stdlib folks (which provides the python ssl module), not OpenSSL.
but looking a bit deeper:
Thank you for quick reply.
We will test it in next weeks.
-Original Message-
From: Stephen Henson via RT [mailto:r...@openssl.org]
Sent: Sunday, May 25, 2014 4:00 PM
To: j...@sk.ee
Cc: openssl-dev@openssl.org
Subject: [openssl.org #3359] Expired certificates bug.
On Sat May 17
13 matches
Mail list logo