Re: [openssl-dev] [EXTERNAL] Re: PKCS12 safecontents bag type deviation from spec

2018-01-16 Thread Blumenthal, Uri - 0553 - MITLL
I think the change is justified. — Regards, Uri > On Jan 16, 2018, at 14:31, Sands, Daniel wrote: > > On Tue, 2018-01-16 at 14:50 +, Salz, Rich via openssl-dev wrote: >> OpenSSL defines it as a SET OF and the spec says it’s a SEQUENCE >> OF. Ouch! Will that cause interop problems if we cha

Re: [openssl-dev] [openssl/openssl] Dtls listen refactor (#5024)

2018-01-16 Thread Matt Caswell
On 16/01/18 19:44, Michael Richardson wrote: > > Matt Caswell wrote: > >> a) when the existing FD is connect(2) any future traffic to the bound > >> port will get rejected with no port. So the application really has to > >> open a new socket first. The application can do this two

Re: [openssl-dev] [openssl/openssl] Dtls listen refactor (#5024)

2018-01-16 Thread Michael Richardson
Matt Caswell wrote: >> a) when the existing FD is connect(2) any future traffic to the bound >> port will get rejected with no port. So the application really has to >> open a new socket first. The application can do this two ways: it can >> open a new socket on which to receive

Re: [openssl-dev] [EXTERNAL] Re: PKCS12 safecontents bag type deviation from spec

2018-01-16 Thread Sands, Daniel
On Tue, 2018-01-16 at 14:50 +, Salz, Rich via openssl-dev wrote: > OpenSSL defines it as a SET OF and the spec says it’s a SEQUENCE > OF.  Ouch!  Will that cause interop problems if we change it?  (I > don’t remember the DER encoding rules) > > > Well, a SEQUENCE uses tag 16 while a SET use

Re: [openssl-dev] [openssl/openssl] Dtls listen refactor (#5024)

2018-01-16 Thread Matt Caswell
On 16/01/18 15:32, Michael Richardson wrote: > > a) when the existing FD is connect(2) any future traffic to the bound port >will get rejected with no port. So the application really has to open a >new socket first. >The application can do this two ways: it can open a new socket on

Re: [openssl-dev] [openssl/openssl] Dtls listen refactor (#5024)

2018-01-16 Thread Michael Richardson
please see https://github.com/openssl/openssl/pull/5024 mattcaswell asks on github: mattcaswell> I am unclear about the underlying premise of this PR: mcr> This patch refactors the DTLSv1_listen() to create an mcr> alternative API that is called DTLSv1_accept(). mcr> DTLSv1_ac

Re: [openssl-dev] PKCS12 safecontents bag type deviation from spec

2018-01-16 Thread Salz, Rich via openssl-dev
OpenSSL defines it as a SET OF and the spec says it’s a SEQUENCE OF. Ouch! Will that cause interop problems if we change it? (I don’t remember the DER encoding rules) -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev