Fred,
You're welcome. Best of luck with your Canadian government, er, friends. ;-)
Ger
BTW: nitpicking my own text there: it was restricted to 56 bits tops
back then. Irrelevant though.
On Tue, Aug 19, 2008 at 2:53 PM, Fred Picher [EMAIL PROTECTED] wrote:
--- On Fri, 8/15/08, Ger Hobbelt
--- On Fri, 8/15/08, Ger Hobbelt [EMAIL PROTECTED] wrote:
Ahh... This brings back memories... I had to do the same
'selective compilation' back before 2000 when the USA would
prohibit cipher export at 128 bit and beyond unless you had a
specific license.
Ger,
Many thanks for taking the
On Fri, Aug 15, 2008 at 5:11 PM, Fred Picher [EMAIL PROTECTED] wrote:
[...]
If this is not sufficient you may check out ssl/sslv3.c etc and
actually remove the ciphers you don't want to support in your
libssl from the registration tables.
As a test, I've commented out every cipher definition
-Original Message-
From: Fred Picher [EMAIL PROTECTED]
Sent: Aug 14, 2008 11:18 AM
Unfortunately this is seemingly the case, as told by actual
gouvernement reps.
Fred, I'm sorry I'm not of any help on the technical side, but I would strongly
advise you to heavily discount what
Kyle Hamilton wrote:
Well, the question becomes: Which government are you trying to work
around the restrictions of?
OpenSSL is open-source. In the United States, while it may fall under
the export class EI on the CCR, it also falls under export exemption
TSU (see
--- On Fri, 8/15/08, Kyle Hamilton [EMAIL PROTECTED] wrote:
Thanks for your comments.
Well, the question becomes: Which government are you trying to
work around the restrictions of? OpenSSL is open-source.
In this very specific case: the Canadian gouvernment. The whole
thing does not look
PM
To: openssl-users@openssl.org
Subject: Re: DES-only OpenSSL version
--- On Fri, 8/15/08, Kyle Hamilton [EMAIL PROTECTED] wrote:
Thanks for your comments.
Well, the question becomes: Which government are you trying to
work around the restrictions of? OpenSSL is open-source.
In this very
Hello,
Thanks for your reply.
If this is not sufficient you may check out ssl/sslv3.c etc and
actually remove the ciphers you don't want to support in your
libssl from the registration tables.
As a test, I've commented out every cipher definition in
ssl/s3_lib.c, like this example:
The
Fred Picher wrote:
Hello,
Thanks for your reply.
If this is not sufficient you may check out ssl/sslv3.c etc and
actually remove the ciphers you don't want to support in your
libssl from the registration tables.
As a test, I've commented out every cipher definition in
wrote:
Hi,
Unfortunately this is seemingly the case, as told by actual
gouvernement reps.
Cheers.
--- On Wed, 8/13/08, David Schwartz [EMAIL PROTECTED] wrote:
From: David Schwartz [EMAIL PROTECTED]
Subject: RE: DES-only OpenSSL version
To: openssl-users@openssl.org
Received: Wednesday
, David Schwartz [EMAIL PROTECTED] wrote:
From: David Schwartz [EMAIL PROTECTED]
Subject: RE: DES-only OpenSSL version
To: openssl-users@openssl.org
Received: Wednesday, August 13, 2008, 10:18 PM
Fred Picher:
For export regulations compliance I must dumb down
OpenSSL to use
only DES
Hi,
Unfortunately this is seemingly the case, as told by actual
gouvernement reps.
Cheers.
--- On Wed, 8/13/08, David Schwartz [EMAIL PROTECTED] wrote:
From: David Schwartz [EMAIL PROTECTED]
Subject: RE: DES-only OpenSSL version
To: openssl-users@openssl.org
Received: Wednesday
Fred Picher wrote:
Hello all,
I'd like to get all of the ciphers that are tagged 'export' as
well as the 56-bit ones that are not. Eg.:
(list somewhat shortened in width)
EDH-RSA-DES-CBC-SHA SSLv3 Kx=DH Enc=DES(56)
EDH-DSS-DES-CBC-SHA SSLv3 Kx=DH Enc=DES(56)
Fred Picher:
For export regulations compliance I must dumb down OpenSSL to use
only DES. And that's only DES, no 3DES ! So I got it down to:
Are you sure you aren't trying to comply with ancient regulations that no
longer apply? It's been years since anyone I know of has had to dumb their
14 matches
Mail list logo
