> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf
> Of Jakob Bohm
> Sent: Tuesday, April 18, 2017 06:22
>
> Please note that all of these "CBC vulnerabilities" you specifically
> mention are SSL/TLS vulnerabilities in the particular ways that SSL3
> and current TLS
On 13/04/2017 22:01, Michael Wojcik wrote:
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
Dipak Gaigole
Sent: Thursday, April 13, 2017 15:12
I will try with disabling FIPS.
Opinions differ, but many people - including myself - recommend not enabling
FIPS mode
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
> Dipak Gaigole
> Sent: Thursday, April 13, 2017 15:12
> I will try with disabling FIPS.
Opinions differ, but many people - including myself - recommend not enabling
FIPS mode unless it is explicitly required
The OpenSSL PRNG story is currently not so great, yes. But maybe
you should try without FIPS, and also with a different cipher? AES256-SHA
is both CBC and SHA1, neither of which is really a current best practice.
-BenThanks Ben. I will try with disabling FIPS. Where can i find current best
On 04/12/2017 05:54 AM, dipakgaigole wrote:
> Hi,
>
> I have a windows multi-threaded SSL server application which handles
> each client request in a new thread. The Server handles different
> types of requests. One of the request type is like “send file” where
> server thread has to read a file
Hi,I have a windows multi-threaded SSL server application which handles
each client request in a new thread. The Server handles different types of
requests. One of the request type is like send file where server
thread has to read a file from local filesystem and send the content to the