RE: [!! SPAM] RE: Re[2]: Vista 64 bit
Hello David, Then why are you downloading OpenSSL? It's a library, a toolkit. It has no enduser application. Are you really sure? I subscribed, while at the openssl.org site for this list the description was given: openssl-users open anybody Application Development, OpenSSL Usage, Installation Problems, etc. I downloaded and installed Win32 OpenSSL v0.9.8g Light, on an XP computer, that would mean, I'm a user, isn't it? :-) Not of OpenSSL, no. Of course, for the reasons I told, I did not subscribe to: openssl-dev open subscribers Discussions on development of the OpenSSL library. Note that this is for development *of* *OpenSSL*. Just like the OpenSSL users list is for users *of* *OpenSSL*. If you are installing some other application that asked you to install OpenSSL, you have to follow that other application's instructions. I did. Using Total Commander also as FTP client on XP, it told me to install OpenSSL first, before checking the option in the settings there. Ah, so your issue is with getting Total Commander's OpenSSL support to work. You need to install OpenSSL exactly how Total Commander wants it and not any other way. OpenSSL is *NOT* intended to be 'used' by people who use programs that use it. It is intended to be used by programs and by people who make them. If you had an issue, it would be with that appication or its OpenSSL support, not with OpenSSL. Not really. I got a new computer with Vista 64 bit and I didn't find a 64 bit version of OpenSSL. That is, what I asked here. And it seemed, I asked it on the right place. ;-) How would that help you if it wasn't the version Total Commander was built to use? These are not the droids you are looking for. Who and where else should I have asked for it? If you want to know whether Total Commander works with a 64-bit SSL library and how to get/make one for it, you should be asking the Total Commander folks. (Unless you already did and got the answer that it would, in which case what are you asking exactly?) DS __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: [!! SPAM] RE: Re[2]: Vista 64 bit
I am newly looking into the openSSL code part and trying to understand. I have a few silly doubts regarding the usage and implementation of openSSL along with Heimdal Kerberos. Could you please let me know whom can I contact? Thanks in advance, Saritha -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gunivortus Goos Sent: Wednesday, January 02, 2008 11:39 AM To: David Schwartz Subject: Re: [!! SPAM] RE: Re[2]: Vista 64 bit Hello David, Then why are you downloading OpenSSL? It's a library, a toolkit. It has no enduser application. Are you really sure? I subscribed, while at the openssl.org site for this list the description was given: openssl-users open anybody Application Development, OpenSSL Usage, Installation Problems, etc. I downloaded and installed Win32 OpenSSL v0.9.8g Light, on an XP computer, that would mean, I'm a user, isn't it? :-) Of course, for the reasons I told, I did not subscribe to: openssl-dev open subscribers Discussions on development of the OpenSSL library. If you are installing some other application that asked you to install OpenSSL, you have to follow that other application's instructions. I did. Using Total Commander also as FTP client on XP, it told me to install OpenSSL first, before checking the option in the settings there. If you had an issue, it would be with that appication or its OpenSSL support, not with OpenSSL. Not really. I got a new computer with Vista 64 bit and I didn't find a 64 bit version of OpenSSL. That is, what I asked here. And it seemed, I asked it on the right place. ;-) These are not the droids you are looking for. Who and where else should I have asked for it? -- Best regards, Gunivortus __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: [!! SPAM] RE: Re[2]: Vista 64 bit
I am newly looking into the openSSL code part and trying to understand. I have a few silly doubts regarding the usage and implementation of openSSL along with Heimdal Kerberos. Could you please let me know whom can I contact? Ask your question in this newsgroup. It is for users of OpenSSL. It's perfectly suitable for general question regarding whether OpenSSL is what you want, how to use it, or where to look for answers. Note that OpenSSL requires a surprising amount of cryprographic knowledge to use safely. If you're looking for a tool that's designed to be secure when used by people who are not security experts, you are likely looking for something other than OpenSSL. Of course, if you don't need real security, messing around with OpenSSL is a great way to learn more about security. DS __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: [!! SPAM] RE: Re[2]: Vista 64 bit
Hi, OpenSSL is *NOT* intended to be 'used' by people who use programs that use it. It is intended to be used by programs and by people who make them. I'll stick my 0.01 euro cent in here and state i disagree with this hypothesis. whether you are a user via a 3rd party program (as almost all users of openssl are!) or are directly using openssl as a developer both camps and parties should be catered for - especially as a lot of apps that use openssl really only look for the DLL or shared library - or, if built from source, the required dev libraries and link libraries. either type of user may be intersted in such things as keeping an up-to-date version for security - or ways of configuring it for better speed, performance or security settings. alan __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
How to have overlap time of validity periods in CRLs
Hi, As per article available at : http://technet2.microsoft.com/windowsserver/en/library/a4331df0-273b-41a3-95f5-8425d39543c71033.mspx?mfr=true The publish period of a CRL is established by the CA administrator. However, the validity period of the CRL is extended from the publish period to allow for Active Directory replication. By default, Certificate Services extends the publish period by 10% (up to a maximum of 12 hrs) to establish the validity period. So, for example, if a CA is publishing a CRL every 24 hours, the validity period is set to 26.4 hours. Our application is a CA simulator. It publishes CRL for the certificates it has signed. -gencrl option is used to generate the CRL every 1 hour. But gencrl has option does not have a option to provide a grace extension of validity period. If -crlhours is set to '1' and CRL is published at T0, the validity interval extend from T0 to T0+1. But I need to have the validity form (T0-10min + 1), 1 hour 10 min. The client which tries to fetch the CRLs form the database in which our CA simulator stores CRL, at times complains that the CRL start time is ahead of its time, due to clock skew. Any ideas, how we can have the extensions in the validity period. Thanks, Prabhu. S __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: Please Remove [EMAIL PROTECTED]
I beg your pardon. Can you redirect you request to [EMAIL PROTECTED] or [EMAIL PROTECTED] Thank you kindly Carrie Schlagenhauser 3-D Graphics and Web Design [EMAIL PROTECTED] From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tom Sent: Tuesday, January 01, 2008 1:02 PM To: openssl-users@openssl.org Subject: Please Remove [EMAIL PROTECTED] Too many emails for me. Please take me off _ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of KOLLURU SURESH Sent: Tuesday, December 25, 2007 6:08 AM To: openssl-users@openssl.org Subject: Hi Please remove from the mailing list K. Suresh K. Suresh HOD, Dept of Computer Science Sri Vasavi Engineering College Tadepalligudem _ Looking for last minute shopping deals? Find http://us.rd.yahoo.com/evt=51734/*http:/tools.search.yahoo.com/newsearch/ca tegory.php?category=shopping them fast with Yahoo! Search.
RE: Please Remove [EMAIL PROTECTED]
I'm only a recipient of e-mails from openssl.org. I do not, nor have I ever had any control over their e-mail system or membership information. You need to direct your request to the administrator. Just a fellow member. Carrie From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Carrie Sent: Wednesday, January 02, 2008 4:03 PM To: openssl-users@openssl.org Subject: RE: Please Remove [EMAIL PROTECTED] I beg your pardon. Can you redirect you request to [EMAIL PROTECTED] or [EMAIL PROTECTED] Thank you kindly Carrie Schlagenhauser 3-D Graphics and Web Design [EMAIL PROTECTED] From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tom Sent: Tuesday, January 01, 2008 1:02 PM To: openssl-users@openssl.org Subject: Please Remove [EMAIL PROTECTED] Too many emails for me. Please take me off _ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of KOLLURU SURESH Sent: Tuesday, December 25, 2007 6:08 AM To: openssl-users@openssl.org Subject: Hi Please remove from the mailing list K. Suresh K. Suresh HOD, Dept of Computer Science Sri Vasavi Engineering College Tadepalligudem _ Looking for last minute shopping deals? Find http://us.rd.yahoo.com/evt=51734/*http:/tools.search.yahoo.com/newsearch/ca tegory.php?category=shopping them fast with Yahoo! Search.
RE: What is an OpenSSL issue (was Re[2]: Vista 64 bit)
OpenSSL is *NOT* intended to be 'used' by people who use programs that use it. It is intended to be used by programs and by people who make them. I'll stick my 0.01 euro cent in here and state i disagree with this hypothesis. whether you are a user via a 3rd party program (as almost all users of openssl are!) or are directly using openssl as a developer both camps and parties should be catered for - especially as a lot of apps that use openssl really only look for the DLL or shared library - or, if built from source, the required dev libraries and link libraries. However, they generally require particular versions of OpenSSL or particular build environments. They impose their own requirements. If you can state and explain these requirements and reduce your question to one that is actually about OpenSSL, then I agree with you. OpenSSL explicitly is *not* a stable library such that you can make library upgrades without consideration application details -- other than withing the same minor version to fix specific security issues. If a post is about a specific known OpenSSL security issue, and the issue is how to fix that issue within the minor version required by the application, that would be an OpenSSL issue. Even then, it may be dangerous to do that if the application contains its own workaround to that same issue. Or the application may not even use the part of OpenSSL that has the vulnerability, making the exercise pointless. This should still, in most cases, be treated as an application issue first. If it is handled as an OpenSSL issue, that should be by one of the application's developers, not a mere user. either type of user may be intersted in such things as keeping an up-to-date version for security - or ways of configuring it for better speed, performance or security settings. That's true. I agree, my position as stated is a bit too harsh. I disagree about security settings though, those are application issues, not library issues. It's dangerous to treat them as library issues. A security issue should not be fixed without the presence of *someone* with detailed understanding of how the application uses OpenSSL. An actual user (in the sense of application developer) of the library needs to do this to be sure it's done properly. Even OpenSSL experts would either have to familiarize themselves with the application or do a lot of guessing. Guessing in the security field is bad. DS __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: Please Remove [EMAIL PROTECTED]
Triguy, remove yourself here. HYPERLINK http://www.openssl.org/support/http://www.openssl.org/support/ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Carrie Sent: Thursday, 3 January 2008 8:17 AM To: openssl-users@openssl.org Subject: RE: Please Remove [EMAIL PROTECTED] I’m only a recipient of e-mails from openssl.org. I do not, nor have I ever had any control over their e-mail system or membership information. You need to direct your request to the administrator. Just a fellow member. Carrie From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Carrie Sent: Wednesday, January 02, 2008 4:03 PM To: openssl-users@openssl.org Subject: RE: Please Remove [EMAIL PROTECTED] I beg your pardon. Can you redirect you request to HYPERLINK mailto:[EMAIL PROTECTED][EMAIL PROTECTED] or HYPERLINK mailto:[EMAIL PROTECTED][EMAIL PROTECTED] Thank you kindly Carrie Schlagenhauser 3-D Graphics and Web Design [EMAIL PROTECTED] From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tom Sent: Tuesday, January 01, 2008 1:02 PM To: openssl-users@openssl.org Subject: Please Remove [EMAIL PROTECTED] Too many emails for me. Please take me off _ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of KOLLURU SURESH Sent: Tuesday, December 25, 2007 6:08 AM To: openssl-users@openssl.org Subject: Hi Please remove from the mailing list K. Suresh K. Suresh HOD, Dept of Computer Science Sri Vasavi Engineering College Tadepalligudem _ Looking for last minute shopping deals? HYPERLINK http://us.rd.yahoo.com/evt=51734/*http:/tools.search.yahoo.com/newsearch/ca tegory.php?category=shoppingFind them fast with Yahoo! Search. No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.5.516 / Virus Database: 269.17.13/1207 - Release Date: 2/01/2008 11:29 AM No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.5.516 / Virus Database: 269.17.13/1207 - Release Date: 2/01/2008 11:29 AM
