Understanding signatures and creating a p7s file from a given data (e.g. PDF)

2009-01-26 Thread Yves Vogl
Hi, I'm asking you because we at the Ruby talk mailing list are stuck with this problem (http://www.ruby-forum.com/topic/176646). As Ruby OpenSSL is just a wrapper around the SSL functions I'd like to get it on with the openssl command line interface first. Maybe I'm understanding a lot of basic

License Question

2009-01-26 Thread Gerhard Gappmeier
Hi, if OpenSSL is included in hardware e.g. in a PLC, where should the copyright notice go? The hardware has no user interface with an about box or something like that. So the only place that remains would be the PLC manual. Would it be enough to write the following acknowledgement from the

X.509 PostalCode bug

2009-01-26 Thread Ilya O.
Hello. When OpenSSL parses an X.509 certificate (in my case it was DER-encoded, but I doubt that it is important), it expects 'PostalCode' in 'Subject' to be of type ASN1_PRINTABLE (aka PrintableString in terms of RFC3280). But actually PostalCode is allowed to be two types -- PrintableString and

Re: DTLS server implementation experiences and documentation

2009-01-26 Thread Daniel Mentz
Robin Seggelmann wrote: As a workaround you can use connected UDP sockets. Just use accept() and connect() as you would with TCP connections and create new BIO and SSL objects for every connection. I have tested that and it works pretty well so far. Hi Robin, I'm surprised that you can use

Re: License Question

2009-01-26 Thread Kyle Hamilton
The manual must include both the OpenSSL license text (what you quoted) and the SSLeay license text (which is also to be found in the LICENSE file). It just needs to be in the printed documentation or, where no printed documentation exists, in a LICENSE file or equivalent. -Kyle H On Mon, Jan

Re: DTLS server implementation experiences and documentation

2009-01-26 Thread Daniel Mentz
Wes Hardaker wrote: http://www.net-snmp.org/wiki/index.php/DTLS_Implementation_Notes Hi Wes, I have some comments regarding your wiki article. But first of all thanks for taking the time to write down all this information: I'm trying to implement IPFIX on top of DTLS so I also made some

Re: OpenSSL pseudo-psk usage

2009-01-26 Thread Chase Douglas
On Jan 26, 2009, at 4:23 PM, Philipp Gühring wrote: Hello Douglas, I'm wanting to use openssl to provide a psk-like authentication and encryption. While I see that openssl cvs has some TLS-PSK functionality, this does not seem to exist in any of the released tarballs. I run gentoo and I

Re: One certificate for both hostname and IP

2009-01-26 Thread Marco De Vitis
On 26 Jan 09, at 05:14, Crypto Sal wrote: Do any other clients (s_client, web browser, etc) exhibit the same behavior or an error message? If yes, what's the error response? Well, I currently do not know how to apply that certificate to an HTTP server to test it with

Re: One certificate for both hostname and IP

2009-01-26 Thread Crypto Sal
On 01/26/2009 08:40 PM, Marco De Vitis wrote: On 26 Jan 09, at 05:14, Crypto Sal wrote: Do any other clients (s_client, web browser, etc) exhibit the same behavior or an error message? If yes, what's the error response? Well, I currently do not know how to apply that

revoking a self-signed certificate

2009-01-26 Thread PS
Hi All, Is it possible to revoke a self-signed CA certificate? If yes, then I don't understand why it should be allowed. It does not make sense. The only reason a root CA would want to revoke its own certificate is if its private key might have been compromised. So, the CA would want to revoke its

Re: revoking a self-signed certificate

2009-01-26 Thread Kyle Hamilton
A self-signed CA certificate (technically, a trust anchor) cannot be revoked via CRL. This is assumed to be a function of the higher-layer security infrastructure which led to the trust anchor being trusted in the first place, and is outside the scope of CRL. -Kyle H On Mon, Jan 26, 2009 at

Re: revoking a self-signed certificate

2009-01-26 Thread PS
Can you please elaborate on how the higher-layer security infrastructure would go about this? To me, it just seems impossible to do this and the issue might only be mitigated by spreading awareness by an out-of-band means but not eliminated until, of course, the self-signed CA certificate expires.

Re: revoking a self-signed certificate

2009-01-26 Thread PS
Also, does openssl allow a CA to revoke its own self-signed certificate? What happens when, during openssl verify, it finds that the CRL given by the CA contains the CA certificate in the revoked list? On Mon, Jan 26, 2009 at 9:28 PM, PS mytechl...@gmail.com wrote: Can you please elaborate on

RE: revoking a self-signed certificate

2009-01-26 Thread David Schwartz
Can you please elaborate on how the higher-layer security infrastructure would go about this? Simply put, whatever put the certificate in its trusted position is what is to remove it. If a CA says to trust a certificate, that CA can say not to. But if the certificate is self-signed, the trust