Re: Why does OpenSSL report google's certificate is "self-signed"?

2021-03-31 Thread Viktor Dukhovni
> On Mar 31, 2021, at 2:42 PM, Blumenthal, Uri - 0553 - MITLL > wrote: > > You are right - there’s no urgency in PQ signatures. > > However, PQ KEM keys aren’t small. And, as I said, for austere links every > unnecessary byte of crap hurts. > > Also, sending root certs seems (marginally) us

Re: Why does OpenSSL report google's certificate is "self-signed"?

2021-03-31 Thread Blumenthal, Uri - 0553 - MITLL
You are right - there’s no urgency in PQ signatures. However, PQ KEM keys aren’t small. And, as I said, for austere links every unnecessary byte of crap hurts. Also, sending root certs seems (marginally) useful only when the recipient is a Web browser. And even then I assume most of the IT p

Re: Why does OpenSSL report google's certificate is "self-signed"?

2021-03-31 Thread Viktor Dukhovni
> On Mar 31, 2021, at 2:01 PM, Blumenthal, Uri - 0553 - MITLL > wrote: > > For a Web GUI with the user at the console (e.g., a Web browser), it might be > OK. > > For my needs (devices talking to each other over austere links), sending the > root CA very is both useless and wasteful. Once you

Re: Why does OpenSSL report google's certificate is "self-signed"?

2021-03-31 Thread Viktor Dukhovni
> On Mar 31, 2021, at 2:04 PM, Walter H. wrote: > > On 31.03.2021 19:48, Viktor Dukhovni wrote: >>> On Mar 31, 2021, at 1:43 PM, Michael Wojcik >>> wrote: >>> >>> As far as I can see, neither PKIX (RFC 5280) nor the CA/BF Baseline >>> Requirements say anything about the practice, though I may

Re: Why does OpenSSL report google's certificate is "self-signed"?

2021-03-31 Thread Walter H.
On 31.03.2021 19:48, Viktor Dukhovni wrote: On Mar 31, 2021, at 1:43 PM, Michael Wojcik wrote: As far as I can see, neither PKIX (RFC 5280) nor the CA/BF Baseline Requirements say anything about the practice, though I may have missed something. I had a vague memory that some standard or "bes

Re: Why does OpenSSL report google's certificate is "self-signed"?

2021-03-31 Thread Blumenthal, Uri - 0553 - MITLL
For a Web GUI with the user at the console (e.g., a Web browser), it might be OK. For my needs (devices talking to each other over austere links), sending the root CA very is both useless and wasteful. Once you factor in the sizes of Post-Quantum keys and signatures - you’ll start disliking thi

Re: Why does OpenSSL report google's certificate is "self-signed"?

2021-03-31 Thread Viktor Dukhovni
> On Mar 31, 2021, at 1:43 PM, Michael Wojcik > wrote: > > As far as I can see, neither PKIX (RFC 5280) nor the CA/BF Baseline > Requirements say anything about the practice, though I may have missed > something. I had a vague memory that some standard or "best practice" > guideline somewhere

RE: Why does OpenSSL report google's certificate is "self-signed"?

2021-03-31 Thread Michael Wojcik
> From: openssl-users On Behalf Of Viktor > Dukhovni > Sent: Wednesday, 31 March, 2021 10:31 > To: openssl-users@openssl.org > Subject: Re: Why does OpenSSL report google's certificate is "self-signed"? > > It looks like Google includes a self-signed root CA in the wire > certificate chain, and if

Re: Why does OpenSSL report google's certificate is "self-signed"?

2021-03-31 Thread Viktor Dukhovni
> On Mar 31, 2021, at 1:49 AM, Nan Xiao wrote: > > The connection is successful, but the ssl->verify_result is 18, i.e., > X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT. I am a little confused why > OpenSSL reports google's certificate is "self-signed"? And it should > be not. Most likely you haven't

Re: Openssl - G and P params value increase in DHE cipher

2021-03-31 Thread Hubert Kario
On Sunday, 28 March 2021 09:41:35 CEST, preethi teekaraman wrote: Hi Openssl, I'm using the latest version of openssl to create a self-signed certificate. My request is like, we need to observe G and P Param to 256 as value but we could see only 2 as value while a handshake happens between se