On Sun, Apr 29, 2012 at 5:40 PM, Mike Hoy mho...@gmail.com wrote:
We use McAfee to scan our website for vulnerabilities. They claim the
following:
Configure SSL/TLS servers to only use TLS 1.1 or TLS 1.2 if supported.
Configure SSL/TLS servers to only support cipher suites that do not use
In the past, I have had issues with tar files where the block size
wasn't specified, and the file was a multiple of 512 but not of 10240.
My solution was to pad out to a multiple of 10240.
On 30 April 2012 13:22, Dave Thompson dthomp...@prinpay.com wrote:
From: owner-openssl-us...@openssl.org On
In many cases, errors about no longer valid certificates
(expired, revoked, bad signature etc.) are checked only by
the other end, so the *client* would show errors about a
bad server cert and the server would show errors about bad
client certs.
While some server applications may contain extra
Hello,
I'm trying to make sense out of the various abbrevations used for the
SSL cipher suites listed by openssl ciphers.
I've googled, but found no explanation of what ECDHE is and how it
compares to ECDH.
I'm aware that ECDH stands for elliptic curve diffie hellman key
exchange (and I'm also
On Sun, Apr 29, 2012, Mike Hoy wrote:
We use McAfee to scan our website for vulnerabilities. They claim the
following:
Configure SSL/TLS servers to only use TLS 1.1 or TLS 1.2 if supported.
Configure SSL/TLS servers to only support cipher suites that do not use
block ciphers. Apply
quick update (sorry I was on a 3 days weekend)
the tar which was causing me this problem is the one on AIX 6.1 TL6 SP6
GNU tar 1.26 is working and being used as a workaround.
Yannick Bergeron
450 534-7711
yaber...@ca.ibm.com
Advisory IT Specialist
From: Christopher Vance
Just try to connect with openssl_client to the server and you would see the
message
Rgds
Aravamudan
On Mon, Apr 30, 2012 at 10:34 AM, 谷口康規 taniguchi.y...@jp.fujitsu.comwrote:
Hi.
Help me please.
I'm beginner.
I'm tring to print message of expiration of server certificate on the
side of
On 4/27/2012 9:43 AM, Dr. David Kirkby wrote:
On 04/27/12 02:29 AM, Dr. Stephen Henson wrote:
Hmm never seen any error messages myself, using GNU tar 1.25.
The distribution tarballs are always created by doing:
make -f Makefile.org dist
from any source tree. As you can see from the files
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Good evening, I have a some problem with openssl {v,w} and cpu via
Nehemiah, the version t work fine.
thank you
- --
Corrado Roberto
Key ID: 0x6D7865E1 (c/o keyringservers)
Fingerprint: A743 2BB6 7E75 C26A 3BD5 0E22 5953 A82F 6D78 65E1
On Sun, Apr 29, 2012 at 10:40 PM, Mike Hoy mho...@gmail.com wrote:
We use McAfee to scan our website for vulnerabilities. They claim the
following:
Configure SSL/TLS servers to only use TLS 1.1 or TLS 1.2 if supported.
Configure SSL/TLS servers to only support cipher suites that do not use
Perhaps it's related to CVE-2011-4576:
https://kc.mcafee.com/corporate/index?page=contentid=KB75138actp=LIST
and
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4576
The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does
not properly initialize data structures for
ECDHE is the E=Ephemeral version where you get a distinct DH key for
every handshake.
ECDH has a fixed DH key; one side of the handshake doesn't change from
one instance to the next.
ECDHE gives you forward secrecy; ECDH does not.
ECDHE is less efficient than ECDH; it requires more crypto
On 30-04-2012 17:40, Roberto Corrado wrote:
Good evening, I have a some problem with openssl {v,w} and cpu via
Nehemiah, the version t work fine.
root@gatto:/tmp# gdb -c core /usr/bin/openssl
GNU gdb (GDB) 7.4
Copyright (C) 2012 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3
13 matches
Mail list logo