Re: [Cooker] Re: [CHRPM] openssl-0.9.6b-5mdk
On Mon Jan 14, 2002 at 04:45:00PM -0800, Ben Reser wrote: > > I think it's an export issue, not an installation issue, which would > > make this not feasible. > > Vincent, > > So if it's an export issue why would you be able to export a SRPM that > has an option to enable to the full package. For that matter how can > you distribute a SRPM that just has a patch to disable the full > capability. No matter which one you're still distributing the full > technology if you're shipping the source. Hmmm... you have a point. I guess to fully comply with French law we could export a dummied-down binary package, but not the source package which has the full-strength encryption. Err... wait... this is what you just said. > Now you could not ship the SRPM since openssl is a BSD style license but > that's really not mandrake's style. Right. I don't think this is a good idea and would probably piss a lot of people off. Of course, the alternative is to not be in full compliance or not use openssl in the software (the latter not being an option). > Frankly I think there is no way to comply with a export restriction > without a running into some other issue. At least without jumping > through a ton of hoops. I think you're right. =( -- MandrakeSoft Security, OpenPGP key available on www.keyserver.net 1024D/FE6F2AFD 88D8 0D23 8D4B 3407 5BD7 66F9 2043 D0E5 FE6F 2AFD Current Linux kernel 2.4.8-34.1mdk uptime: 4 days 6 hours 1 minutes. msg51225/pgp0.pgp Description: PGP signature
Re: [Cooker] Re: [CHRPM] openssl-0.9.6b-5mdk
On Mon, Jan 14, 2002 at 04:43:14PM -0700, Vincent Danen wrote: > I think it's an export issue, not an installation issue, which would > make this not feasible. Vincent, So if it's an export issue why would you be able to export a SRPM that has an option to enable to the full package. For that matter how can you distribute a SRPM that just has a patch to disable the full capability. No matter which one you're still distributing the full technology if you're shipping the source. Now you could not ship the SRPM since openssl is a BSD style license but that's really not mandrake's style. Frankly I think there is no way to comply with a export restriction without a running into some other issue. At least without jumping through a ton of hoops. -- Ben Reser <[EMAIL PROTECTED]> http://ben.reser.org "I wish it need not have happened in my time," said Frodo. "So do I," said Gandalf, "and so do all who live in such times. But that is not for them to decide. All we have to decide is what to do with the time that is given us."
Re: [Cooker] Re: [CHRPM] openssl-0.9.6b-5mdk
On Mon Jan 14, 2002 at 02:51:25PM -0800, SI Reasoning wrote: > or Mandrake could have the dumbed down crypto in > France, and the proper crypto everywhere else. > Maybe make it depend on locales or something like time > zone/city or something like that. I think it's an export issue, not an installation issue, which would make this not feasible. -- MandrakeSoft Security, OpenPGP key available on www.keyserver.net 1024D/FE6F2AFD 88D8 0D23 8D4B 3407 5BD7 66F9 2043 D0E5 FE6F 2AFD Current Linux kernel 2.4.8-34.1mdk uptime: 3 days 3 hours 23 minutes. msg51074/pgp0.pgp Description: PGP signature
Re: [Cooker] Re: [CHRPM] openssl-0.9.6b-5mdk
or Mandrake could have the dumbed down crypto in France, and the proper crypto everywhere else. Maybe make it depend on locales or something like time zone/city or something like that. --- Vincent Danen <[EMAIL PROTECTED]> wrote: > On Sat Jan 12, 2002 at 11:00:14PM -0800, SI > Reasoning wrote: > > > This may be a problem if a distro has to dumb down > > their security based on their host country's > > individual policies. I don't feel comfortable with > > dumbed down security just because of French Laws. > > Unfortunately, according to the law, there isn't > much we can do about > it, unless we do the crypto mirror thing again. > However, since rpm is > a little more advanced, it should be simplicity to > add a --with > fullcipher (or whatever) switch to allow us to > rebuild it with full > strength crypto. That wouldn't be illegal. > > I'm sure that MandrakeSoft doesn't feel comfortable > violating French > laws either, and since we are likely to get sued if > we do break the > law, the better scenario is to obey the law even if > it stinks. > > That said, there are always ways to get around > things, and making a > conditional rebuild switch is one of them (the > crypto mirrors are > another). > > -- > MandrakeSoft Security, OpenPGP key available on > www.keyserver.net > 1024D/FE6F2AFD 88D8 0D23 8D4B 3407 5BD7 66F9 2043 > D0E5 FE6F 2AFD > > Current Linux kernel 2.4.8-34.1mdk uptime: 3 days 1 > hour 49 minutes. > > ATTACHMENT part 2 application/pgp-signature = SI Reasoning [EMAIL PROTECTED] "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." Benjamin Franklin __ Do You Yahoo!? Send FREE video emails in Yahoo! Mail! http://promo.yahoo.com/videomail/
Re: [Cooker] Re: [CHRPM] openssl-0.9.6b-5mdk
On Sat Jan 12, 2002 at 11:00:14PM -0800, SI Reasoning wrote: > This may be a problem if a distro has to dumb down > their security based on their host country's > individual policies. I don't feel comfortable with > dumbed down security just because of French Laws. Unfortunately, according to the law, there isn't much we can do about it, unless we do the crypto mirror thing again. However, since rpm is a little more advanced, it should be simplicity to add a --with fullcipher (or whatever) switch to allow us to rebuild it with full strength crypto. That wouldn't be illegal. I'm sure that MandrakeSoft doesn't feel comfortable violating French laws either, and since we are likely to get sued if we do break the law, the better scenario is to obey the law even if it stinks. That said, there are always ways to get around things, and making a conditional rebuild switch is one of them (the crypto mirrors are another). -- MandrakeSoft Security, OpenPGP key available on www.keyserver.net 1024D/FE6F2AFD 88D8 0D23 8D4B 3407 5BD7 66F9 2043 D0E5 FE6F 2AFD Current Linux kernel 2.4.8-34.1mdk uptime: 3 days 1 hour 49 minutes. msg51055/pgp0.pgp Description: PGP signature
Re: [Cooker] Re: [CHRPM] openssl-0.9.6b-5mdk
On Mondayen den 14 January 2002 20.11, Ben Reser wrote: > On Mon, Jan 14, 2002 at 07:06:30PM +0100, Oden Eriksson wrote: > > Yes, that would be nice. But I like Vincents idea though..., that way I > > simply could rebuild openssl the way I want. > > But isn't shipping the source that is capable of it just as bad as > shipping a binary? No, I don't think so. (or..., I hope not...) -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- | Oden Eriksson, Deserve-IT Networks, Jokkmokk, Sweden. | Mandrake Linux release 8.2 (Cooker) for i586 | Current uptime with kernel 2.4.17-2mdksmp: 11 hours 12 minutes | cpu0 @ 799.53 bm, fan 4560 rpm, temp +29°C | cpu1 @ 801.17 bm, fan 4500 rpm, temp +29.5°C
Re: [Cooker] Re: [CHRPM] openssl-0.9.6b-5mdk
On Mon, Jan 14, 2002 at 07:06:30PM +0100, Oden Eriksson wrote: > Yes, that would be nice. But I like Vincents idea though..., that way I > simply could rebuild openssl the way I want. But isn't shipping the source that is capable of it just as bad as shipping a binary? -- Ben Reser <[EMAIL PROTECTED]> http://ben.reser.org "I wish it need not have happened in my time," said Frodo. "So do I," said Gandalf, "and so do all who live in such times. But that is not for them to decide. All we have to decide is what to do with the time that is given us."
Re: [Cooker] Re: [CHRPM] openssl-0.9.6b-5mdk
måndagen den 14 januari 2002 19.06 skrev Oden Eriksson: > On Mondayen den 14 January 2002 18.01, Guillaume Rousse wrote: > > Ainsi parlait guran : > > > On Sunday 13 January 2002 6:56 am, Vincent Danen wrote: > > > > On Tue Jan 08, 2002 at 07:21:48PM +0100, Oden Eriksson wrote: > > > > > > Name: openssl Relocations: (not > > > > > > relocateable) Version : 0.9.6b > > > > > > Vendor: MandrakeSoft Release : 5mdk > > > > > > Build Date: Tue Jan 8 17:05:44 > > > > > > > > > > [snip] > > > > > > > > > > > - 2 patches to follow French policy: > > > > > > - Patch5: Limit SSL ciphers available to 128 bits > > > > > > - Patch6: Temptatively disable triple-key triple DES but keep > > > > > > double-key triple DES > > > > > > > > > > Will there be a full version somewhere? > > > > > > > > What would be ideal is a build command like --with fullcipher or > > > > something in the package so someone outside of France could just do > > > > "rpm --rebuild --with fullcipher openssl*src.rpm". > > > > > > I think that Mdk should have to use a sticker to every package sold, > > > telling the buyer of their product that it is made a criple because of > > > French law. > > > > As Oden suggested, if Mdk doesn't want to re-activate crypto mirrors, i > > could host the non-crippled packages on PLF. My main complain about > > ssh-agent problem was fixed by patch6 removal in subsequent openSSL > > release, but i don't feel like the #5 neither. > > Just tell me if some of you would be interested. > > Yes, that would be nice. But I like Vincents idea though..., that way I > simply could rebuild openssl the way I want. I think that you should test that - I would be thankful. If the traffic becomes to high, sunet might take it - they still have the old crypto directory. regards guran -- Mandrake Linux 8.2 Cooker kernel-2.4.17.3mdk-1-1mdk version:2002-01-14-15:36
Re: [Cooker] Re: [CHRPM] openssl-0.9.6b-5mdk
On Mondayen den 14 January 2002 18.01, Guillaume Rousse wrote: > Ainsi parlait guran : > > On Sunday 13 January 2002 6:56 am, Vincent Danen wrote: > > > On Tue Jan 08, 2002 at 07:21:48PM +0100, Oden Eriksson wrote: > > > > > Name: openssl Relocations: (not > > > > > relocateable) Version : 0.9.6b > > > > > Vendor: MandrakeSoft Release : 5mdk > > > > > Build Date: Tue Jan 8 17:05:44 > > > > > > > > [snip] > > > > > > > > > - 2 patches to follow French policy: > > > > > - Patch5: Limit SSL ciphers available to 128 bits > > > > > - Patch6: Temptatively disable triple-key triple DES but keep > > > > > double-key triple DES > > > > > > > > Will there be a full version somewhere? > > > > > > What would be ideal is a build command like --with fullcipher or > > > something in the package so someone outside of France could just do > > > "rpm --rebuild --with fullcipher openssl*src.rpm". > > > > I think that Mdk should have to use a sticker to every package sold, > > telling the buyer of their product that it is made a criple because of > > French law. > > As Oden suggested, if Mdk doesn't want to re-activate crypto mirrors, i > could host the non-crippled packages on PLF. My main complain about > ssh-agent problem was fixed by patch6 removal in subsequent openSSL > release, but i don't feel like the #5 neither. > Just tell me if some of you would be interested. Yes, that would be nice. But I like Vincents idea though..., that way I simply could rebuild openssl the way I want. -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- | Oden Eriksson, Deserve-IT Networks, Jokkmokk, Sweden. | Mandrake Linux release 8.2 (Cooker) for i586 | Current uptime with kernel 2.4.17-2mdksmp: 9 hours 41 minutes | cpu0 @ 799.53 bm, fan 4560 rpm, temp +29°C | cpu1 @ 801.17 bm, fan 4530 rpm, temp +29.0°C
Re: [Cooker] Re: [CHRPM] openssl-0.9.6b-5mdk
> > > "rpm --rebuild --with fullcipher openssl*src.rpm". > > > > I think that Mdk should have to use a sticker to every package sold, > > telling the buyer of their product that it is made a criple because of > > French law. > > As Oden suggested, if Mdk doesn't want to re-activate crypto mirrors, i could > host the non-crippled packages on PLF. My main complain about ssh-agent > problem was fixed by patch6 removal in subsequent openSSL release, but i > don't feel like the #5 neither. > Just tell me if some of you would be interested. Yes, I think it would be a good idea if you don't mind several thousand people downloading crashing your server ... :-) -- Geoff.
Re: [Cooker] Re: [CHRPM] openssl-0.9.6b-5mdk
Ainsi parlait guran : > On Sunday 13 January 2002 6:56 am, Vincent Danen wrote: > > On Tue Jan 08, 2002 at 07:21:48PM +0100, Oden Eriksson wrote: > > > > Name: openssl Relocations: (not > > > > relocateable) Version : 0.9.6bVendor: > > > > MandrakeSoft Release : 5mdk Build Date: > > > > Tue Jan 8 17:05:44 > > > > > > [snip] > > > > > > > - 2 patches to follow French policy: > > > > - Patch5: Limit SSL ciphers available to 128 bits > > > > - Patch6: Temptatively disable triple-key triple DES but keep > > > > double-key triple DES > > > > > > Will there be a full version somewhere? > > > > What would be ideal is a build command like --with fullcipher or > > something in the package so someone outside of France could just do > > "rpm --rebuild --with fullcipher openssl*src.rpm". > > I think that Mdk should have to use a sticker to every package sold, > telling the buyer of their product that it is made a criple because of > French law. As Oden suggested, if Mdk doesn't want to re-activate crypto mirrors, i could host the non-crippled packages on PLF. My main complain about ssh-agent problem was fixed by patch6 removal in subsequent openSSL release, but i don't feel like the #5 neither. Just tell me if some of you would be interested. -- Guillaume Rousse <[EMAIL PROTECTED]> GPG key http://lis.snv.jussieu.fr/~rousse/gpgkey.html
Re: [Cooker] Re: [CHRPM] openssl-0.9.6b-5mdk
On Sun, 13 Jan 2002, Oden Eriksson wrote: > It's not unique to Mandrake, Redhat has also a crippled openssl package, I > think they also remove(d?) RSA from it. But since the RSA patent expired I > don't know the current status of the Redhat openssl package. Red Hat re-added RSA when the US patent restriction was gone. bash-2.05$ openssl genrsa Generating RSA private key, 512 bit long modulus ... e is 65537 (0x10001) -BEGIN RSA PRIVATE KEY- MIIBOwIBAAJBANWuDs1NK5w1HoHRxyGKZNr1s26JW29H2nKG12bDTpW3nFdx7PZj kJmV15X6VDttywvRxVH1zs4pOAVmtlX37lUCAwEAAQJBAKitC/Y4ktJuhDSKep0Z eF/4ULpTJ6CCogiCNQtj5Wb85tgGLmn+dXEvOQBDyRlRV0Rk3C7ZjmKTgs28skZI r8kCIQDt7aNc2S1otHb/moRiud0XweJ+zaP9nvVPpOaie1J2SwIhAOXo7Qr4zAaL bDS1LgbRfUy9XDTaQS82iWtBdOJdhsnfAiEAr4ZMqkadtUzNLSv01lB/xvMGAL38 aTJHjwX8D4oi/5kCICPv2L2STjHnsS4788nVDQTlxHfudanvmGNPg/muLNd5AiAq jvhyH29ytutWLAyY7U+biCoGmiAIX5BBCvck4pU7mA== -END RSA PRIVATE KEY- bash-2.05$ openssl version OpenSSL 0.9.6b [engine] 9 Jul 2001
Re: [Cooker] Re: [CHRPM] openssl-0.9.6b-5mdk
On Sunday 13 January 2002 12:09 pm, Oden Eriksson wrote: > > It's not unique to Mandrake, Redhat has also a crippled openssl package, I > think they also remove(d?) RSA from it. But since the RSA patent expired I > don't know the current status of the Redhat openssl package. Interesting scenario, personally I would use non encrypted e-mail and thus fool some filters. regards guran -- Mandrake Linux 8.2 Cooker kernel-2.4.17.2mdk-1-1mdk version:2002-01-13-07:19
Re: [Cooker] Re: [CHRPM] openssl-0.9.6b-5mdk
On Sundayen den 13 January 2002 08.15, guran wrote: > On Sunday 13 January 2002 6:56 am, Vincent Danen wrote: > > On Tue Jan 08, 2002 at 07:21:48PM +0100, Oden Eriksson wrote: > > > > Name: openssl Relocations: (not > > > > relocateable) Version : 0.9.6bVendor: > > > > MandrakeSoft Release : 5mdk Build Date: > > > > Tue Jan 8 17:05:44 > > > > > > [snip] > > > > > > > - 2 patches to follow French policy: > > > > - Patch5: Limit SSL ciphers available to 128 bits > > > > - Patch6: Temptatively disable triple-key triple DES but keep > > > > double-key triple DES > > > > > > Will there be a full version somewhere? > > > > What would be ideal is a build command like --with fullcipher or > > something in the package so someone outside of France could just do > > "rpm --rebuild --with fullcipher openssl*src.rpm". > > I think that Mdk should have to use a sticker to every package sold, > telling the buyer of their product that it is made a criple because of > French law. > > Thanks to Oden, for pointing this out to me. It's not unique to Mandrake, Redhat has also a crippled openssl package, I think they also remove(d?) RSA from it. But since the RSA patent expired I don't know the current status of the Redhat openssl package. -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- | Oden Eriksson, Deserve-IT Networks, Jokkmokk, Sweden. | Mandrake Linux release 8.2 (Cooker) for i586 | Current uptime with kernel 2.4.17-2mdksmp: 27 minutes | cpu0 @ 799.53 bm, fan 4560 rpm, temp +29°C | cpu1 @ 801.17 bm, fan 4500 rpm, temp +29.0°C
Re: [Cooker] Re: [CHRPM] openssl-0.9.6b-5mdk
On Sundayen den 13 January 2002 04.30, Geoffrey Lee wrote: > On Sat, Jan 12, 2002 at 10:56:36PM -0700, Vincent Danen wrote: > > On Tue Jan 08, 2002 at 07:21:48PM +0100, Oden Eriksson wrote: > > > > Name: openssl Relocations: (not > > > > relocateable) Version : 0.9.6bVendor: > > > > MandrakeSoft Release : 5mdk Build Date: > > > > Tue Jan 8 17:05:44 > > > > > > [snip] > > > > > > > - 2 patches to follow French policy: > > > > - Patch5: Limit SSL ciphers available to 128 bits > > > > - Patch6: Temptatively disable triple-key triple DES but keep > > > > double-key triple DES > > > > > > Will there be a full version somewhere? > > > > What would be ideal is a build command like --with fullcipher or > > something in the package so someone outside of France could just do > > "rpm --rebuild --with fullcipher openssl*src.rpm". > > What about the old crypto mirrors? > > This would be a candidate, provided, that we don't have to rebuild > everything linked with openssl just because of the removal of some patch. Hmm..., yes I though of that, and I too really would like to know if other packages depend on higher ciphers, mod_ssl, etc? -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- | Oden Eriksson, Deserve-IT Networks, Jokkmokk, Sweden. | Mandrake Linux release 8.2 (Cooker) for i586 | Current uptime with kernel 2.4.17-2mdksmp: 18 minutes | cpu0 @ 799.53 bm, fan 4560 rpm, temp +28¢XC | cpu1 @ 801.17 bm, fan 4530 rpm, temp +28.5¢XC
Re: [Cooker] Re: [CHRPM] openssl-0.9.6b-5mdk
On Sunday 13 January 2002 6:56 am, Vincent Danen wrote: > On Tue Jan 08, 2002 at 07:21:48PM +0100, Oden Eriksson wrote: > > > Name: openssl Relocations: (not > > > relocateable) Version : 0.9.6bVendor: > > > MandrakeSoft Release : 5mdk Build Date: > > > Tue Jan 8 17:05:44 > > > > [snip] > > > > > - 2 patches to follow French policy: > > > - Patch5: Limit SSL ciphers available to 128 bits > > > - Patch6: Temptatively disable triple-key triple DES but keep > > > double-key triple DES > > > > Will there be a full version somewhere? > > What would be ideal is a build command like --with fullcipher or > something in the package so someone outside of France could just do > "rpm --rebuild --with fullcipher openssl*src.rpm". I think that Mdk should have to use a sticker to every package sold, telling the buyer of their product that it is made a criple because of French law. Thanks to Oden, for pointing this out to me. regards guran -- Mandrake Linux 8.2 Cooker kernel-2.4.17.2mdk-1-1mdk version:2002-01-11-18:38
Re: [Cooker] Re: [CHRPM] openssl-0.9.6b-5mdk
This may be a problem if a distro has to dumb down their security based on their host country's individual policies. I don't feel comfortable with dumbed down security just because of French Laws. --- Vincent Danen <[EMAIL PROTECTED]> wrote: > On Tue Jan 08, 2002 at 07:21:48PM +0100, Oden > Eriksson wrote: > > > > Name: openssl > Relocations: (not relocateable) > > > Version : 0.9.6b > Vendor: MandrakeSoft > > > Release : 5mdk > Build Date: Tue Jan 8 17:05:44 > > > > [snip] > > > > > - 2 patches to follow French policy: > > > - Patch5: Limit SSL ciphers available to 128 > bits > > > - Patch6: Temptatively disable triple-key > triple DES but keep > > > double-key triple DES > > > > Will there be a full version somewhere? > > What would be ideal is a build command like --with > fullcipher or > something in the package so someone outside of > France could just do > "rpm --rebuild --with fullcipher openssl*src.rpm". > > -- > MandrakeSoft Security, OpenPGP key available on > www.keyserver.net > 1024D/FE6F2AFD 88D8 0D23 8D4B 3407 5BD7 66F9 2043 > D0E5 FE6F 2AFD > > Current Linux kernel 2.4.8-34.1mdk uptime: 1 day 9 > hours 36 minutes. > > ATTACHMENT part 2 application/pgp-signature = SI Reasoning [EMAIL PROTECTED] "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." Benjamin Franklin __ Do You Yahoo!? Send FREE video emails in Yahoo! Mail! http://promo.yahoo.com/videomail/
Re: [Cooker] Re: [CHRPM] openssl-0.9.6b-5mdk
On Sat, Jan 12, 2002 at 10:56:36PM -0700, Vincent Danen wrote: > On Tue Jan 08, 2002 at 07:21:48PM +0100, Oden Eriksson wrote: > > > > Name: openssl Relocations: (not relocateable) > > > Version : 0.9.6bVendor: MandrakeSoft > > > Release : 5mdk Build Date: Tue Jan 8 17:05:44 > > > > [snip] > > > > > - 2 patches to follow French policy: > > > - Patch5: Limit SSL ciphers available to 128 bits > > > - Patch6: Temptatively disable triple-key triple DES but keep > > > double-key triple DES > > > > Will there be a full version somewhere? > > What would be ideal is a build command like --with fullcipher or > something in the package so someone outside of France could just do > "rpm --rebuild --with fullcipher openssl*src.rpm". > What about the old crypto mirrors? This would be a candidate, provided, that we don't have to rebuild everything linked with openssl just because of the removal of some patch. -- g.
Re: [Cooker] Re: [CHRPM] openssl-0.9.6b-5mdk
could you explain or post a url, is france limiting peoples freedom to encrypt or something? it's 6.10am here in cardiff and i'm bored! bascule > > What would be ideal is a build command like --with fullcipher or > something in the package so someone outside of France could just do > "rpm --rebuild --with fullcipher openssl*src.rpm".
Re: [Cooker] Re: [CHRPM] openssl-0.9.6b-5mdk
On Tue Jan 08, 2002 at 07:21:48PM +0100, Oden Eriksson wrote: > > Name: openssl Relocations: (not relocateable) > > Version : 0.9.6bVendor: MandrakeSoft > > Release : 5mdk Build Date: Tue Jan 8 17:05:44 > > [snip] > > > - 2 patches to follow French policy: > > - Patch5: Limit SSL ciphers available to 128 bits > > - Patch6: Temptatively disable triple-key triple DES but keep > > double-key triple DES > > Will there be a full version somewhere? What would be ideal is a build command like --with fullcipher or something in the package so someone outside of France could just do "rpm --rebuild --with fullcipher openssl*src.rpm". -- MandrakeSoft Security, OpenPGP key available on www.keyserver.net 1024D/FE6F2AFD 88D8 0D23 8D4B 3407 5BD7 66F9 2043 D0E5 FE6F 2AFD Current Linux kernel 2.4.8-34.1mdk uptime: 1 day 9 hours 36 minutes. msg50891/pgp0.pgp Description: PGP signature
Re: [Cooker] Re: [CHRPM] openssl-0.9.6b-5mdk
Oden Eriksson wrote: >On Tuesdayen den 8 January 2002 19.00, Gwenole Beauchesne wrote: > >>--=-=-= >>Name: openssl Relocations: (not relocateable) >>Version : 0.9.6bVendor: MandrakeSoft >>Release : 5mdk Build Date: Tue Jan 8 17:05:44 >> > >[snip] > >>- 2 patches to follow French policy: >> - Patch5: Limit SSL ciphers available to 128 bits >> - Patch6: Temptatively disable triple-key triple DES but keep >>double-key triple DES >> > >Will there be a full version somewhere? > Maybe time to PLF the full version...