On Po, 2014-04-28 at 14:55 +0200, Florian Weimer wrote:
On 04/28/2014 02:36 PM, Tomas Mraz wrote:
diff --git a/defensive-coding/en-US/Features-TLS.xml
b/defensive-coding/en-US/Features-TLS.xml
index 936910d..f4da007 100644
--- a/defensive-coding/en-US/Features-TLS.xml
+++ b/defensive
On Po, 2014-04-28 at 15:22 +0200, Florian Weimer wrote:
On 04/28/2014 03:05 PM, Tomas Mraz wrote:
I tried to word in a way that doesn't give the impression that
/dev/urandom is insecure, while still pleasing those who strongly think
that long-term key material should be generated from
for disabling RC4 prior to implementing them in their
environments.
So no, Windows won't disable RC4 support by default.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
(You'll never know whether the road
when used within HMAC for message
authentication. You cannot apply birthday attack to message
authentication.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
(You'll never know whether the road is wrong though
tensions - as the extensions would have
to be stapled onto some concrete certificates. You would have to
basically create stapled extensions for every CA in your trusted list
except for the Red Hat internal CA. And if any additional CA is added
to the trusted list, it would have to get this sta
g report against libgcrypt has an CVE assigned and still
> it is unfixed for months. This must not happen too. There should be
> some mechanism to notify somebody if a maintainer doesn't act on CVEs
> within 3 days.
If that was not a very low impact CVE I'd be willing to spend more time
on backpor
On Tue, 2020-02-18 at 21:16 +0100, David Sommerseth wrote:
> Hi,
>
> I'm running rpmlint against packages built based on the Fedora Copr
> [1] build
> I've provided for some time. I'm planning to move this forward for
> the standard
> Fedora and EPEL repositories. But rpmlint complains about
On Wed, 2020-02-19 at 12:35 +0100, David Sommerseth wrote:
> On 19/02/2020 11:33, Tomas Mraz wrote:
> > On Wed, 2020-02-19 at 11:06 +0100, David Sommerseth wrote:
> > > On 19/02/2020 08:25, Tomas Mraz wrote:
> > > [...snip...]
> > > > >
On Wed, 2020-02-19 at 11:06 +0100, David Sommerseth wrote:
> On 19/02/2020 08:25, Tomas Mraz wrote:
> [...snip...]
> > > if (!SSL_CTX_set_cipher_list(ctx,
> > >/* defau