Jeeze, boobie! Lighten UP!! There have been no court cases on the issue (are you a
lawyer or a judge??), .. and your analogy to piece parts is invalid. Quit giving bogus
legal advice!
Lee
At 09:39 AM 11/18/99 , you wrote:
>-Original Message-
>From: Leland V. Lammert &
bove,
>
>Thank You,
>
>A.
www.openca.org
============
Leland V. Lammert[EMAIL PROTECTED]
Chief Scientist Omnitec Corporation
Network/Internet Cons
very
interested in pros and cons.
TIA,
Lee
============
Leland V. Lammert[EMAIL PROTECTED]
Chief Scientist Omnitec Corporation
Network/Internet Consultants
At 01:08 PM 11/30/99 , you wrote:
>"Leland V. Lammert" <[EMAIL PROTECTED]> writes:
> > 1) Purchase an Apache like Stronghold (at $1K+ not an option for a small company).
>Completely legal in the US?
>Frankly, I find this baffling. I work for a small company (two p
ssl_pricing.html
>
>and what is your opinion?
Interesting, .. reasonable price ($95) for an SSL toolkit. No help with the RSA
license issue however, .. they also pass through the 2% fee.
Lee
====
Leland V. Lammert
ither
> > the client nor the server are checking certificates, we're just using
> > the encryption for now.
Check out openca.org - we have not used their system, but it is supposed to be a
standard CA implementation.
Lee
=========
on is on the web site -
http://www.openssl.org/docs/openssl.html
Another source is the system you are integrating openssl *with* (e.g. Apache).
Lee
============
Leland V. Lammert[EMAIL PROTECTED]
Chief Scientist
which they are not aware in most cases.
I created our own cert two years ago, and just renewed it (recreated for another 365
days) for the second time. Nobody has complained to date!
Lee
============
Leland V. Lammert
At 04:56 PM 12/22/99 , you wrote:
>"Leland V. Lammert" wrote:
>
>i don't want to sound ungrateful, but that document is useless for
>someone
>who wants to learn how to operate the thing. if the openssl people want
>to get
>people to start using it, they'
is a SW patent gone WAY off track.
Lee
============
Leland V. Lammert[EMAIL PROTECTED]
Chief Scientist Omnitec Corporation
Network/I
the location of the CERT in the httpsd.conf file.
BTW - Verisign SHOULD have FAQs and docs for this process, .. you might want to
contact them also.
Lee
============
Leland V. Lammert[EMAIL PROTEC
the server did not see it.
HTH,
Lee
========
Leland V. Lammert[EMAIL PROTECTED]
Chief Scientist Omnitec Corporation
Net
server to install the proper CERT you are no worse
(to the user) than using a self-signed CERT (which we do).
Lee
============
Leland V. Lammert[EMAIL PROTECTED]
Chief Scientist Omnitec Corp
Lee
====
Leland V. Lammert[EMAIL PROTECTED]
Chief Scientist Omnitec Corporation
Network/Internet Consultants www
ile?? In any case, a tarball is typically source code, .. which is a
REAL pain to compile on Win32.
A far better approach would be to acquire one of the pre-build binaries.
Lee
====
Leland V. Lammert[EMA
to use it after being asked to cease and desist, RSA may also
be able to win a court case for damages.
If you are worried about that, you can purchase one of the commercial flavors -
Stronghold or RedHad Secure Server.
Lee
========
ration and security installations for
companies with international branches."
Lee
============
Leland V. Lammert[EMAIL PROTECTED]
Chief Scientist Omnitec Corpo
lly
> > *knows* the library.
> >
>
>Unfortunately you're in the US which may well cause problems :-(
>
>Steve.
Steve,
Please elaborate. With the current relaxation on US export regulations, I would think
this no longer a problem??
Lee
======
n without risk in the US to help clean up the openssl docs?
Lee
============
Leland V. Lammert[EMAIL PROTECTED]
Chief Scientist Omnitec Corporation
Netw
far easier to run over an SSH connection, would it not?
Lee
============
Leland V. Lammert[EMAIL PROTECTED]
Chief Scientist Omnitec Corporation
Network/Internet Consultants
At 05:00 AM 1/24/00 , you wrote:
>I've been quite unsucessfull in finding documentation about setting up a
>corporate CA.
>
>Does anyone have some pointers for me?
>
>Thanks,
>
>A.
www.openca.org (and mirrors)
=========
ort encryption, .. but as long as we use
international code there are no restrictions.
Lee
========
Leland V. Lammert[EMAIL PROTECTED]
Chief Scientist Omnitec Corporation
Ne
happily mix the two, taking the 'trod upon' viewpoint, .. but I
would recommend checking with your own lawyers to make a decision.
Lee
============
Leland V. Lammert[EMAIL PROTECTED]
Chief Scientist
ation. Those selling SSL
applications, certainly, have reason to be cautious of RSAREF and patent issues, ..
however your confirmation above about corporate use is exactly what we do, and I have
been recommending for five years.
Lee
========
rience pro/con??
TIA,
Lee
============
Leland V. Lammert[EMAIL PROTECTED]
Chief Scientist Omnitec Corporation
Network/Inte
At 08:04 PM 3/28/00 , you wrote:
>Want some free certificate from the Internet?
>Try www.secureage.com
What does this have to do with certs? The site is about a security application, .. not
certs - have I missed something?
Lee
====
Le
nSSL (self certifying).
Thanks,
Lee
========
Leland V. Lammert[EMAIL PROTECTED]
Chief Scientist Omnitec Corporation
Network/Internet Consultants
At 04:58 PM 4/19/00 , you wrote:
>On Wed, 19 Apr 2000, Leland V. Lammert wrote:
>
>SSH has never had a GPL version, ssh-1.2.16 and previous were under
>a free license but later versions were under successively more
>restrictive licenses.
>
>Use OpenSSH :)
*BUT* OpenSSH
s.
Lee
========
Leland V. Lammert[EMAIL PROTECTED]
Chief Scientist Omnitec Corporation
Network/Internet Consultants
.. so you might wish to revert back to the original
again.
Lee
Leland V. Lammert[EMAIL PROTECTED]
Chief Scientist Omnitec Corporation
Network/Internet Co
Directory!?!?!?), so why cannot there be an Opensource one?!?!?
I must have missed something in this thread? Is there a problem with openca
(www.openca.org)??
Lee
Leland V. Lammert[EMAIL PROTECTED]
connection.
Other than that, I, for one, will continue to use our self-generated certs .
Lee
====
Leland V. Lammert[EMAIL PROTECTED]
Chief Scientist Omnitec Corporation
Netwo
.
>Can anyone give me some advice about this?
You can also check out EquiFax - they have a standard CERT for $45, last time I
checked.
Lee
============
Leland V. Lammert[EMAIL PROTECTED]
Chief Scientist
Lee
========
Leland V. Lammert[EMAIL PROTECTED]
Chief Scientist Omnitec Corporation
Network/Internet Consultants w
Tom,
The virtual hosts you have configured will not work. You must have a unique IP/Port
combination for EACH SSL server. Use a separate IP for your hosts [or port] and
everything will be copasetic.
Lee
At 01:03 PM 7/27/00, you wrote:
>I can be more specific:
>
>Here's how I have it s
At 10:37 AM 8/28/00 -0500, you wrote:
>Quick question.
>
>We are getting ready to do some major upgrades on our network, thus
>moving everything off the old. How would I go about transfering our
>digital certificates, ect. from one server to another?
>
>The reason I ask is that we use Verisign an
At 10:39 PM 8/30/00 +0200, you wrote:
>On Wed, Aug 30, 2000 at 09:58:21PM +0200, Arne Borkowski (borko.net) wrote:
> > Hi,
> >
> > someone mentioned the URL http://www.openca.org/
> >
> > However, I cannot establish a link with my browser to it. Is the URL wrong?
> > Is the site down? Could somebo
At 01:21 AM 8/31/00 +0200, you wrote:
>Hi,
>
>somewhere with *.interbusiness.it the tracert dies.
>
>But still I cannot access the site from here. However, I do not want to
>bother the whole list with that problem. I'll keep on trying without
>complainig here :-)
10 mi5-ny2-1.seabone.net (195.22
At 02:14 PM 9/5/00 +0200, you wrote:
>Hello,
>
>Suppose that a user generates a certificate request, but enrolls partially
>incorrect information in it (let's say (s)he filled the OU in other format
>than how I'd like it to be; for example "Dept. 870" instead of just "870").
Ivan,
I do not think
At 08:39 AM 9/18/00 -0700, you wrote:
>how do I get it to work on win 98. I have perl and turbo C++ by Borland. HELP
Build a server.
Lee
__
OpenSSL Project http://www.openssl.org
User Su
At 05:53 PM 9/25/00 -0700, you wrote:
>Hi, can someone help me? I'm trying to change the
>passphrase that is use to start the ssl-apache. Thanks.
Buy a new Cert.
Lee
__
OpenSSL Project h
At 11:17 AM 10/29/00 +0800, you wrote:
>When I try to send mail or receive mail using the SSL
>connection using Outlook 98 , the following error
>message occurs . "IP address does not match the server
>name" .
>
>So , I am wondering if this is due to DNS error ?
That would mean that the Reverse
(which we always do here, .. I, for one, would not
wish to schlep down to the NOC in case the UPS ran out!), you need to
remove the passphrase from the key.
IIRC, the procedure is in the FAQ.
>Thank you in advance!
You're welcome.
Lee
====
of solving!
I, for one, *use* 'snake oil' certificates because I wish to *remind* the
user that they must trust the issuer of the certificate (displayed in the
dialog box), .. paying $125 (or even $400) a year is not the proper way to
earn that trust.
I guess that makes 6 cents!
Lee
this CA certificate, or am I going to have to
>generate a new CA?
>
>Thanks,
>Wade
When you generate the cert, specify '-days 365' for a year.
Lee
========
Leland V. Lammert[EMAIL PROTECTED]
that would provide a very BIG security hole !
Lee
========
Leland V. Lammert[EMAIL PROTECTED]
Chief Scientist Omnitec Corporation
Network/Internet Consultants
that *seems* like the
best option for this choice.
Thanks again, .. SSH might be the solution after all, but NOT (most likely)
with the standard client program.
Lee
=======
Leland V. Lammert, PhDChief Scientist
Omnitec
At 11:41 AM 3/18/99 -0600, you wrote:
>J. River's ICE.PPN might be just what you need.
>http://www.jriver.com/
>
Thanks! Someone else had mentioned jriver, .. but I did not notice that ICE.PPN
product!
Lee
=======
Leland V
ood question! I thought RedHat Secure Server used mod_ssl? How can that
include an RSA license?
Lee
=======
Leland V. Lammert, PhDChief Scientist
Omnitec Corporation Network Consulting
[
altime security updates
(daily).
Lee
============
Leland V. Lammert[EMAIL PROTECTED]
Chief Scientist Omnitec Corporation
Network/Inte
inking that all I have to do is generate a separate
>certificate and use it to sign the site certificates?
>
Steven,
Check out www.openca.org - I have seen it mentioned in threads here, ..
though I
have not checked it out myself.
Lee
============
1) Enter the pass phrase every time you reboot the server or start Apache
2) Remove the pass phrase via your SSL toolkit (may require the proper mail
list)
Lee
========
Leland V. Lammert[EMAIL PROTECTED]
Chief Sci
ices model (e.g. https).
Lee
============
Leland V. Lammert[EMAIL PROTECTED]
Chief Scientist Omnitec Corporation
Network/Internet Con
I just copy it over the old
>dummy certificate currently being used by my apache server?
>
Yes, assuming the names match.
Lee
Leland V. Lammert[EMAIL PROTECTED]
Chief Scientist
At 12:56 AM 8/27/99 , you wrote:
>anybody
somebody
Leland V. Lammert[EMAIL PROTECTED]
Chief Scientist Omnitec Corporation
Network/Internet Consultants www.omnitec.
not inside a virtual host).
Lee
============
Leland V. Lammert[EMAIL PROTECTED]
Chief Scientist Omnitec Corporation
Network/Internet
rewall and cannot even
download 128-bit encryption products!
Lee
============
Leland V. Lammert[EMAIL PROTECTED]
Chief Scientist Omnitec Corporation
Network/Internet
eyond your capabilities, you might look for an ISP that offers
secure web hosting.
Lee
============
Leland V. Lammert[EMAIL PROTECTED]
Chief Scientist Omnitec Corporation
Root //secure/html
>ErrorLog //secure/logs/error_log
>TransferLog //secure/logs/access_log
>
Lee
====
Leland V. Lammert[EMAIL PROTECTED]
Chief Scientist Omnitec Corporation
they
often are innocent parties to virus spread. Only with valid signatures
(i.e. trusted vendors) is it even safe to consider opening executable content.
Of course, .. those of you with Outlook have a problem before you open the
program !!
Lee
=========
Sorry folks, I meant to direct the previous message directly to the
miscreant that does not know how to use a mailing list.
Lee
__
OpenSSL Project http://www.openssl.org
User Support Mai
At 06:24 PM 2/21/01 +0600, you wrote:
>REMOVE
Hey dufus,
THIS IS SPAM! It is NOT polite, .. nor it is appreciated by the rest of us.
There are a lot of folks out here that see enough email at the present
time, .. please do NOT bother us with YOUR problems. There is ABSOLUTELY NO
BENEFIT to tr
someone else responded, many of the NAT boxes will do this, .. but I
have seen some that will not.
Lee
============
Leland V. Lammert[EMAIL PROTECTED]
Chief Scientist Omnitec Corpora
63 matches
Mail list logo
