On Thu, 2013-02-21 at 05:15 -0500, Jeffrey Walton wrote:
> You enabled it with -Wextra, then you turned it off with
> -Wno-missing-field-initializers. Its not latched - the last option
> wins.
Good catch! I forgot to remove that while doing some rapid prototyping.
> In addition, GCC's analysis m
On Fri, Feb 22, 2013, no_spam...@yahoo.com wrote:
> EXP-RC2-CBC-MD5 does not appear to work in 0.9.8y. It does in 0.9.8x.
>
A known issue, fixed in recent snapshots.
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.or
EXP-RC2-CBC-MD5 does not appear to work in 0.9.8y. It does in 0.9.8x.
system:user/openssl-0.9.8y/apps 27% ./openssl s_client -connect 10.1.1.1:443
-tls1 -cipher EXP-RC2-CBC-MD5
CONNECTED(0003)
95776:error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad
record mac:s3_pkt.c:4
I don't know what this is saying. I want to build openssl as 64-bit only on a
Niagara T2
with fairly specific CFLAGS which specifiy memory cache options and other flags
that
work great for everything from autoconf to zlib .. but not openssl. What is my
confusion
here please ?
$ ./Configure
On 02/22/2013 04:13 PM, Jakob Bohm wrote:
> Att. openssl.org web server maintenance team.
>
> The latest security advisory for OpenSSL links to the research site for
> the "lucky 13" attack analysis, which links to their report in pdf
> format. That report in its list of references includes a lin
Att. openssl.org web server maintenance team.
The latest security advisory for OpenSSL links to the research site for
the "lucky 13" attack analysis, which links to their report in pdf
format. That report in its list of references includes a link to an
old (2004) document by Bodo Moeller at
http://csrc.nist.gov/groups/ST/key_mgmt/documents/Transitioning_CryptoAlgos_070209.pdf
On 2/22/2013 2:38 AM, Ashok C wrote:
What is the current industry standard for private key lengths?
As of now, my application supports 2048 bit-wide keys.
I'm planning to support higher key lengths now, and w
On 2/21/2013 2:29 PM, ashish2881 wrote:
I have a certificate chain in a file chain.pem .it also has root
certificate(self signed) .
How can i verify the chain,if all certificates are present in the chain .
Thanks
Good question!
I recently tested this myself, and here are my (preliminary) re
Hope this helps : http://www.keylength.com/en/3/
Le 22/02/2013 08:38, Ashok C a écrit :
Hi,
What is the current industry standard for private key lengths?
As of now, my application supports 2048 bit-wide keys.
I'm planning to support higher key lengths now, and want your
suggestions on how big
On 2/21/2013 11:12 AM, Mozes, Rachel wrote:
Hi all,
Recently, OpenSSL Security Advisory sent a message about a new
vulnerability which was found and numbered as CVE-2013-0169. This
announce advises to all SSL and TLS users to upgrade the OpenSSL version.
But from a quick Google search, it loo
On 2/22/2013 9:16 AM, Rajeswari K wrote:
Hello Team,
We have a requirement to support onboard crypto engine which doesn't
share private keys to openssl. Current openssl code requires private
keys in its possession to succeed with handshake process.
Is there any way to skip updation of private ke
On 22/02/2013 6:41 p.m., saurav barik wrote:
Hello,
I am trying to implement TLS security (in the client side) over a UDP
connection. I have a parallel TCP connection(to the same server) over
which TLS is already done and it works fine. In the same session of my
application I am creating a UDP c
Perhaps some on this list are better qualified than me to answer this
question, but this is my $0.02.
Generally speaking, higher-bit key lengths (than 2048) become much slower
when used on embedded hardware (even high-end smartphones). In some cases
it may be impossible to support keys longer tha
> -Original Message-
> From: saurav barik
>
> Can I use
> TLS over a UDP connection(I understand DTLS can be used but my project
> needs TLS)?
No, you can't. You need a reliable transport protocol, i.e. TCP. See RFC 5246.
It's right there in the first paragraph of chapter one.
Patrick E
Hello,
I am trying to implement TLS security (in the client side) over a UDP
connection. I have a parallel TCP connection(to the same server) over
which TLS is already done and it works fine. In the same session of my
application I am creating a UDP connection to the same server (UDP
socket) and a
I have a certificate chain in a file chain.pem .it also has root
certificate(self signed) .
How can i verify the chain,if all certificates are present in the chain .
Thanks
--
View this message in context:
http://openssl.6102.n7.nabble.com/check-certificate-chain-in-a-pem-file-tp43871.html
Se
Thank you, Steve for your input.
> You say it is "dynamic linked". How are you actually handling that? Are
you
> linking to libeay32.dll only or fipscanister.lib too?
If I do not manually export FIPS_selftest through crypto.h and libeay.def I
have to
use the fipscanister.lib too otherwise Visual
Sorry, but the mailing list program has eaten more than half of my
rant. Looks like it doesn't like a dot on it's own on a line (Yes, I
know it's the SMTP signal for EOT).
Hi,
I was monkeying around a bit with s_client. Idea is to feed s_client a
file with commands required to STARTTLS, authenti
Hi all,
Recently, OpenSSL Security Advisory sent a message about a new vulnerability
which was found and numbered as CVE-2013-0169. This announce advises to all
SSL and TLS users to upgrade the OpenSSL version.
But from a quick Google search, it looks like there is a contradiction between
the
19 matches
Mail list logo