Vista 64 bit
Hello Openssl-users, just subscribed here. Is there an OpenSSL version for Windows Vista 64 bit available? If not, will it come soon? -- Best regards, Gunivortus __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: Vista 64 bit
it could be compiled as 64 bit version. I compiler openSSL as 64bit for Vista, but the performance is nearly half of 32 bit version. On Dec 29, 2007 11:41 PM, Gunivortus Goos <[EMAIL PROTECTED]> wrote: > Hello Openssl-users, > > just subscribed here. > Is there an OpenSSL version for Windows Vista 64 bit > available? > If not, will it come soon? > > -- > Best regards, > Gunivortus > > __ > OpenSSL Project http://www.openssl.org > User Support Mailing Listopenssl-users@openssl.org > Automated List Manager [EMAIL PROTECTED] > __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: Vista 64 bit
Gunivortus Goos wrote: Hello yueyue, it could be compiled as 64 bit version. That would be great. I compiler openSSL as 64bit for Vista, but the performance is nearly half of 32 bit version. Hmm... Why is that? I can't do it myself, don't know anything about such technical things, am just an enduser. Is there a downloadlink? You could try building a 64-bit target using Visual C++ 2008 Express (free) and NASM (also free). I'm holding back from a 64-bit build of the Win32(?) OpenSSL installer for another couple weeks because I need to purchase Visual Studio Professional 2008 (i.e. I can't use VC++ Express) for various reasons and my development computer gets unhappy when I install new development tools. I installed Python recently and pretty much instantly regretted doing so as it hosed portions of my dev. environment. So I'm dreading the VS install. * Win32 might not be a good name to use anymore. -- Thomas Hruska Shining Light Productions Home of BMP2AVI, Nuclear Vision, ProtoNova, and Win32 OpenSSL. http://www.slproweb.com/ __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: Vista 64 bit
Gunivortus Goos wrote: Hello Thomas, You could try building a 64-bit target using Visual C++ 2008 Express (free) and NASM (also free). ??? I'm sorry, I never did any programming, never any compiling, I'm just an enduser, using payware, shareware and freeware programs, that are already prepared for use. ;-) I subscribed to list, because I thought, I could use openssl to make my ftp sessions more secure and in the list I could ask where a 64 bit version was available ann maybe some help using it. My ftp client 'told' me: if I would install openssl, the program would recognize it und use it. I thought, I could get and use openssl as I got and use OpenOffice; complete ready-to-use. Obviously, that is not the case with openssl. If that is true, I've to search for a commercial alternative, I'm afraid. I don't have a 64-bit build available, but you could try the official Win32 binary build: http://www.slproweb.com/products/Win32OpenSSL.html That is the only recognized binary build of OpenSSL (wrapped up in an installer - and is very popular). It should, in theory, work just fine under 64-bit Vista assuming the FTP client is also running as a 32-bit program. 32-bit programs run under an emulation mode on 64-bit hardware but, as someone already pointed out, OpenSSL apparently runs faster in that emulation mode. Since it might work, you might as well give it a try. You just seemed very specific about the 64-bit part. If you absolutely have to have a 64-bit build (i.e. 32-bit doesn't work), wait a few weeks. I'm planning on purchasing and installing Microsoft Visual Studio Professional 2008 out of my own pocket (since almost no one donates). One of the first things I plan on doing is creating a 64-bit binary build of OpenSSL. Don't know what I'll do about the 'Win32' part of the name. -- Thomas Hruska Shining Light Productions Home of BMP2AVI, Nuclear Vision, ProtoNova, and Win32 OpenSSL. http://www.slproweb.com/ __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: Vista 64 bit
Hi there, On Mon, 31 Dec 2007, Thomas J. Hruska wrote: > If you absolutely have to have a 64-bit build (i.e. 32-bit doesn't > work), wait a few weeks. I'm planning on purchasing and installing > Microsoft Visual Studio Professional 2008 out of my own pocket (since > almost no one donates). One of the first things I plan on doing is > creating a 64-bit binary build of OpenSSL. Apparently you can get a 90-day trial download of this product. There's a link on http://msdn2.microsoft.com/en-us/vstudio/products/aa700831.aspx which seems to be to http://go.microsoft.com/?linkid=7771657 but when I clicked it, the page didn't render properly - all I saw was a few empty panes and a button. That's probably because I was using Konqueror, and the page is produced by M1cr0$0ft. I wanted to see if the presumed attached strings would prohibit using it to compile OpenSSL and then throwing MVSP2008 in the bin. It's not worth my time to pursue it since I don't run Windows. -- 73, Ged. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: Vista 64 bit
G.W. Haywood wrote: Hi there, On Mon, 31 Dec 2007, Thomas J. Hruska wrote: If you absolutely have to have a 64-bit build (i.e. 32-bit doesn't work), wait a few weeks. I'm planning on purchasing and installing Microsoft Visual Studio Professional 2008 out of my own pocket (since almost no one donates). One of the first things I plan on doing is creating a 64-bit binary build of OpenSSL. Apparently you can get a 90-day trial download of this product. There's a link on http://msdn2.microsoft.com/en-us/vstudio/products/aa700831.aspx which seems to be to http://go.microsoft.com/?linkid=7771657 but when I clicked it, the page didn't render properly - all I saw was a few empty panes and a button. That's probably because I was using Konqueror, and the page is produced by M1cr0$0ft. I wanted to see if the presumed attached strings would prohibit using it to compile OpenSSL and then throwing MVSP2008 in the bin. It's not worth my time to pursue it since I don't run Windows. -- 73, Ged. I know about the 90 day trial. The VS 2008 install is going to hose my existing dev. environment. So, I'd rather just hose it once (install the full thing) than hose it twice (install the trial and then install the full thing). -- Thomas Hruska Shining Light Productions Home of BMP2AVI, Nuclear Vision, ProtoNova, and Win32 OpenSSL. http://www.slproweb.com/ __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: Vista 64 bit
Gunivortus Goos wrote: Hello Thomas, After downloading I ran the install and ready it was. However, being a MS Windows user, I usually don't read all textfiles, supposing it works too without that. ;-) It should. Just installing it should cause any software that depends on it to function properly with it (including your FTP client). Did you make that one? Yup. Usually I do donate mostly 15 Euros for donationware that I use, but then there should be a clear note that demands my attention, f.i. a popup directly after the install. Hmm...interesting. Can't do the popup thing for various reasons but I'll see if I can think up something. -- Thomas Hruska Shining Light Productions Home of BMP2AVI, Nuclear Vision, ProtoNova, and Win32 OpenSSL. http://www.slproweb.com/ __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: Vista 64 bit
Thomas J. Hruska wrote: > > I'm holding back from a 64-bit build of the Win32(?) OpenSSL installer > for another couple weeks because I need to purchase Visual Studio > Professional 2008 (i.e. I can't use VC++ Express) for various reasons > and my development computer gets unhappy when I install new > development tools. I installed Python recently and pretty much > instantly regretted doing so as it hosed portions of my dev. > environment. So I'm dreading the VS install. > Why can't you use the compilers that are provided as part of the free Windows SDK 6.0 download? They are the same compilers as shipped with VS2005 SP1 > * Win32 might not be a good name to use anymore. I would use "OpenSSL for Windows" and "OpenSSL for Windows (64-bit)" smime.p7s Description: S/MIME Cryptographic Signature
Re: Vista 64 bit
Thomas J. Hruska wrote: > I know about the 90 day trial. The VS 2008 install is going to hose > my existing dev. environment. So, I'd rather just hose it once > (install the full thing) than hose it twice (install the trial and > then install the full thing). I have VS.2003, VS.2005, and VS.2008 all installed on the same machine. Just don't include the environment variables or paths in the System Environment. Use the batch files that come with the SDKs and the compilers to setup the development environment you need for the build you are making. I used to have VC.6 as well. There simply is no reason for it anymore. smime.p7s Description: S/MIME Cryptographic Signature
Re: Vista 64 bit
Jeffrey Altman wrote: Thomas J. Hruska wrote: I'm holding back from a 64-bit build of the Win32(?) OpenSSL installer for another couple weeks because I need to purchase Visual Studio Professional 2008 (i.e. I can't use VC++ Express) for various reasons and my development computer gets unhappy when I install new development tools. I installed Python recently and pretty much instantly regretted doing so as it hosed portions of my dev. environment. So I'm dreading the VS install. Why can't you use the compilers that are provided as part of the free Windows SDK 6.0 download? IIRC, the last time I attempted a PSDK update (I'm pretty sure it was Windows SDK 6), it hosed my entire [existing] VS setup such that I could no longer build _anything_ - forcing me to downgrade back to an older local copy (and even that took a bit to fix). The last time I did an upgrade to VS itself, it silently hosed the Win32 OpenSSL build. My dev. environment is highly customized. And very picky. Haven't run into a dev. tool yet that didn't destroy some setup I've got during its install procedure. -- Thomas Hruska Shining Light Productions Home of BMP2AVI, Nuclear Vision, ProtoNova, and Win32 OpenSSL. http://www.slproweb.com/ __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: Vista 64 bit
Hi Thomas. I'm planning on purchasing and installing Microsoft Visual Studio Professional 2008 out of my own pocket (since almost no one donates). One of the first things I plan on doing is creating a 64-bit binary build of OpenSSL. Actually, why do you need to purchase the Studio in order to make the build? How about using a different compiler? E.g. Visual Studio 2008 Express (http://www.microsoft.com/express/vc) is free and should contain a 64bit compiler . Have not actually checked, but IMHO there should be no license problems... Best regards, Jurko Gospodnetić __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re[2]: Vista 64 bit
Hello yueyue, > it could be compiled as 64 bit version. That would be great. > I compiler openSSL as 64bit for Vista, but the performance is > nearly half of 32 bit version. Hmm... Why is that? I can't do it myself, don't know anything about such technical things, am just an enduser. Is there a downloadlink? -- Best regards, Gunivortus __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re[2]: Vista 64 bit
Hello Thomas, > You could try building a 64-bit target using Visual C++ 2008 > Express (free) and NASM (also free). ??? I'm sorry, I never did any programming, never any compiling, I'm just an enduser, using payware, shareware and freeware programs, that are already prepared for use. ;-) I subscribed to list, because I thought, I could use openssl to make my ftp sessions more secure and in the list I could ask where a 64 bit version was available ann maybe some help using it. My ftp client 'told' me: if I would install openssl, the program would recognize it und use it. I thought, I could get and use openssl as I got and use OpenOffice; complete ready-to-use. Obviously, that is not the case with openssl. If that is true, I've to search for a commercial alternative, I'm afraid. -- Best regards, Gunivortus __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re[2]: Vista 64 bit
Hello Thomas, > If you absolutely have to have a 64-bit build (i.e. 32-bit doesn't > work), wait a few weeks. I'm planning on purchasing and installing > Microsoft Visual Studio Professional 2008 out of my own pocket (since > almost no one donates). One of the first things I plan on doing is > creating a 64-bit binary build of OpenSSL. Don't know what I'll do > about the 'Win32' part of the name. I've no problems with donating at all, but I didn't see it as I downloaded for a Windows XP pc the 32 bit version at: http://www.slproweb.com/products/Win32OpenSSL.html After downloading I ran the install and ready it was. However, being a MS Windows user, I usually don't read all textfiles, supposing it works too without that. ;-) Did you make that one? Usually I do donate mostly 15 Euros for donationware that I use, but then there should be a clear note that demands my attention, f.i. a popup directly after the install. Once a 64 bit version is ready, I'll check at install if there's an easy donation option, f.i. through Paypal. -- Best regards, Gunivortus __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re[2]: Vista 64 bit
Hello Thomas, > Hmm...interesting. Can't do the popup thing for various reasons but > I'll see if I can think up something. Grin maybe placing the donation suggestion above the download links on your site. As I found your site at Google, I scrolled down until I found the downloadlink, clicked, downloaded and didn't scroll and read more. -- Best regards, Gunivortus __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: Re[2]: Vista 64 bit
> ??? > I'm sorry, I never did any programming, never any compiling, > I'm just an enduser, using payware, shareware and freeware > programs, that are already prepared for use. ;-) Then why are you downloading OpenSSL? It's a library, a toolkit. It has no enduser application. If you are installing some other application that asked you to install OpenSSL, you have to follow that other application's instructions. If you had an issue , it would be with that appication or its OpenSSL support, not with OpenSSL. These are not the droids you are looking for. DS __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: [!! SPAM] RE: Re[2]: Vista 64 bit
Hello David, > Then why are you downloading OpenSSL? It's a library, a toolkit. > It has no enduser application. Are you really sure? I subscribed, while at the openssl.org site for this list the description was given: "openssl-users open anybody Application Development, OpenSSL Usage, Installation Problems, etc." I downloaded and installed Win32 OpenSSL v0.9.8g Light, on an XP computer, that would mean, I'm a user, isn't it? :-) Of course, for the reasons I told, I did not subscribe to: "openssl-dev open subscribers Discussions on development of the OpenSSL library. > If you are installing some other application that asked you > to install OpenSSL, you have to follow that other application's > instructions. I did. Using Total Commander also as FTP client on XP, it told me to install OpenSSL first, before checking the option in the settings there. > If you had an issue, it would be with that appication or its > OpenSSL support, not with OpenSSL. Not really. I got a new computer with Vista 64 bit and I didn't find a 64 bit version of OpenSSL. That is, what I asked here. And it seemed, I asked it on the right place. ;-) > These are not the droids you are looking for. Who and where else should I have asked for it? -- Best regards, Gunivortus __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: [!! SPAM] RE: Re[2]: Vista 64 bit
> Hello David, > > Then why are you downloading OpenSSL? It's a library, a toolkit. > > It has no enduser application. > Are you really sure? > I subscribed, while at the openssl.org site for this list > the description was given: > "openssl-users open anybody Application Development, OpenSSL Usage, > Installation Problems, etc." > I downloaded and installed Win32 OpenSSL v0.9.8g Light, on an > XP computer, that would mean, I'm a user, isn't it? :-) Not of OpenSSL, no. > Of course, for the reasons I told, I did not subscribe to: > "openssl-dev open subscribers Discussions on development of the > OpenSSL library. Note that this is for development *of* *OpenSSL*. Just like the OpenSSL users list is for users *of* *OpenSSL*. > > If you are installing some other application that asked you > > to install OpenSSL, you have to follow that other application's > > instructions. > I did. Using Total Commander also as FTP client on XP, it told me > to install OpenSSL first, before checking the option in the settings > there. Ah, so your issue is with getting Total Commander's OpenSSL support to work. You need to install OpenSSL exactly how Total Commander wants it and not any other way. OpenSSL is *NOT* intended to be 'used' by people who use programs that use it. It is intended to be used by programs and by people who make them. > > If you had an issue, it would be with that appication or its > > OpenSSL support, not with OpenSSL. > Not really. I got a new computer with Vista 64 bit and I didn't > find a 64 bit version of OpenSSL. That is, what I asked here. > And it seemed, I asked it on the right place. ;-) How would that help you if it wasn't the version Total Commander was built to use? > > These are not the droids you are looking for. > > Who and where else should I have asked for it? If you want to know whether Total Commander works with a 64-bit SSL library and how to get/make one for it, you should be asking the Total Commander folks. (Unless you already did and got the answer that it would, in which case what are you asking exactly?) DS __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: [!! SPAM] RE: Re[2]: Vista 64 bit
I am newly looking into the openSSL code part and trying to understand. I have a few silly doubts regarding the usage and implementation of openSSL along with Heimdal Kerberos. Could you please let me know whom can I contact? Thanks in advance, Saritha -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gunivortus Goos Sent: Wednesday, January 02, 2008 11:39 AM To: David Schwartz Subject: Re: [!! SPAM] RE: Re[2]: Vista 64 bit Hello David, > Then why are you downloading OpenSSL? It's a library, a toolkit. > It has no enduser application. Are you really sure? I subscribed, while at the openssl.org site for this list the description was given: "openssl-users open anybody Application Development, OpenSSL Usage, Installation Problems, etc." I downloaded and installed Win32 OpenSSL v0.9.8g Light, on an XP computer, that would mean, I'm a user, isn't it? :-) Of course, for the reasons I told, I did not subscribe to: "openssl-dev open subscribers Discussions on development of the OpenSSL library. > If you are installing some other application that asked you > to install OpenSSL, you have to follow that other application's > instructions. I did. Using Total Commander also as FTP client on XP, it told me to install OpenSSL first, before checking the option in the settings there. > If you had an issue, it would be with that appication or its > OpenSSL support, not with OpenSSL. Not really. I got a new computer with Vista 64 bit and I didn't find a 64 bit version of OpenSSL. That is, what I asked here. And it seemed, I asked it on the right place. ;-) > These are not the droids you are looking for. Who and where else should I have asked for it? -- Best regards, Gunivortus __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: [!! SPAM] RE: Re[2]: Vista 64 bit
> I am newly looking into the openSSL code part and trying to understand. > I have a few silly doubts regarding the usage and implementation of > openSSL along with Heimdal Kerberos. Could you please let me know whom > can I contact? Ask your question in this newsgroup. It is for users of OpenSSL. It's perfectly suitable for general question regarding whether OpenSSL is what you want, how to use it, or where to look for answers. Note that OpenSSL requires a surprising amount of cryprographic knowledge to use safely. If you're looking for a tool that's designed to be secure when used by people who are not security experts, you are likely looking for something other than OpenSSL. Of course, if you don't need real security, messing around with OpenSSL is a great way to learn more about security. DS __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: [!! SPAM] RE: Re[2]: Vista 64 bit
Hi, > OpenSSL is *NOT* intended to be 'used' by people who use programs that use > it. It is intended to be used by programs and by people who make them. I'll stick my 0.01 euro cent in here and state i disagree with this hypothesis. whether you are a user via a 3rd party program (as almost all users of openssl are!) or are directly using openssl as a developer both camps and parties should be catered for - especially as a lot of apps that use openssl really only look for the DLL or shared library - or, if built from source, the required dev libraries and link libraries. either type of user may be intersted in such things as keeping an up-to-date version for security - or ways of configuring it for better speed, performance or security settings. alan __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: [!! SPAM] RE: Re[2]: Vista 64 bit
David Schwartz wrote: Of course, for the reasons I told, I did not subscribe to: "openssl-dev open subscribers Discussions on development of the OpenSSL library. Note that this is for development *of* *OpenSSL*. Just like the OpenSSL users list is for users *of* *OpenSSL*. Pretty sure you're the only one thinking he's on the wrong list David. Check the 'Reply-to'/'To' e-mail headers again. 'openssl-users@openssl.org' is what shows in my e-mail client. He's on the right list. Then why are you downloading OpenSSL? It's a library, a toolkit. It has no enduser application. Uh. Yes there are. openssl.exe CA.pl Either of those ring a bell? Half of the entire build process is spent building the components necessary for openssl.exe. I tell _users_ all the time to install Perl and use CA.pl to generate certs., cert. signing requests, etc. Or I help them with bad openssl.exe commands. I've fielded a LOT of requests that never made it to this list. But when I can't answer someone's question involving openssl.exe, I tell them to come here. You guys usually get the hard questions. All this tells me that those two files are applications that are used by end-users. Various Windows applications don't include OpenSSL but have dependencies on it. Such applications tell the user to go get it. Many users _usually_ find the binary build/installer after searching. A search for 'OpenSSL' on Google turns up the official binary distribution on the third result for me. Are you really sure? I subscribed, while at the openssl.org site for this list the description was given: "openssl-users open anybody Application Development, OpenSSL Usage, Installation Problems, etc." I downloaded and installed Win32 OpenSSL v0.9.8g Light, on an XP computer, that would mean, I'm a user, isn't it? :-) Not of OpenSSL, no. The Win32 OpenSSL Installation Project is a binary build of the default build of OpenSSL wrapped up in an installer (InnoSetup). So, _yes_, he is a user of OpenSSL. The "Light" version is the barebones stuff needed to make most applications (99.9%) that depend on it work (usually the DLLs are sufficient enough) but it still includes all the stuff needed to generate certs. The "full" version includes developer libraries to link against, some esoteric stuff, the test suite, etc. OpenSSL is *NOT* intended to be 'used' by people who use programs that use it. It is intended to be used by programs and by people who make them. What about the whole PKI thing? You know - certificates, CSRs, and all that. Again, openssl.exe _IS_ an end-user application. Not the best or most user-friendly app. in the world since it is command-line driven, but just running openssl.exe DOES start an _interactive_ prompt. -- Thomas Hruska Shining Light Productions Home of BMP2AVI, Nuclear Vision, ProtoNova, and Win32 OpenSSL. http://www.slproweb.com/ __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: What is an OpenSSL issue (was Re[2]: Vista 64 bit)
> > OpenSSL is *NOT* intended to be 'used' by people who use > > programs that use > > it. It is intended to be used by programs and by people who make them. > I'll stick my 0.01 euro cent in here and state i disagree with this > hypothesis. whether you are a user via a 3rd party program (as almost > all users of openssl are!) or are directly using openssl as a developer > both camps and parties should be catered for - especially > as a lot of apps that use openssl really only look for the DLL > or shared library - or, if built from source, the required dev libraries > and link libraries. However, they generally require particular versions of OpenSSL or particular build environments. They impose their own requirements. If you can state and explain these requirements and reduce your question to one that is actually about OpenSSL, then I agree with you. OpenSSL explicitly is *not* a stable library such that you can make library upgrades without consideration application details -- other than withing the same minor version to fix specific security issues. If a post is about a specific known OpenSSL security issue, and the issue is how to fix that issue within the minor version required by the application, that would be an OpenSSL issue. Even then, it may be dangerous to do that if the application contains its own workaround to that same issue. Or the application may not even use the part of OpenSSL that has the vulnerability, making the exercise pointless. This should still, in most cases, be treated as an application issue first. If it is handled as an OpenSSL issue, that should be by one of the application's developers, not a mere user. > either type of user may be intersted in such things as keeping an > up-to-date version for security - or ways of configuring it for > better speed, performance or security settings. That's true. I agree, my position as stated is a bit too harsh. I disagree about security settings though, those are application issues, not library issues. It's dangerous to treat them as library issues. A security issue should not be fixed without the presence of *someone* with detailed understanding of how the application uses OpenSSL. An actual user (in the sense of application developer) of the library needs to do this to be sure it's done properly. Even OpenSSL experts would either have to familiarize themselves with the application or do a lot of guessing. Guessing in the security field is bad. DS __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: What is an OpenSSL issue (was Re[2]: Vista 64 bit)
David Schwartz wrote: > However, they generally require particular versions of OpenSSL or particular > build environments. They impose their own requirements. If you can state and > explain these requirements and reduce your question to one that is actually > about OpenSSL, then I agree with you. And yet there are folks like Thomas Hruska who are distributing installer packages for end users (not developers) that are claimed to be the "official OpenSSL win32 binary" and application developers who don't want to link to crypto code because they are afraid of the legal issues surrounding crypto in some countries. Now when a user is told by their application documentation to go get OpenSSL and install it and there is someone claiming to provide the official build and there are packages specifically for non-developers, what are you expecting the non-developer users to do when they have a question? The application developer doesn't know enough to realize that they need to be careful about the OpenSSL version they use. The application developer wants to treat OpenSSL just like any other package that can be installed such as Kerberos or Perl. When they have a question they are going to come to the folks that developed the software they have a question about. Now perhaps the question should have been sent to Thomas Hruska because he distributes the builds he claims are official but when someone looks for OpenSSL they see the OpenSSL Users mailing list as free and Thomas' support costs money. Where do you think the user will go first? The best you can do is try to give end users a message to send back to the application developer and at the same time attempt to answer their question or point them at the "official" distributors and let Thomas deal with the fallout. Jeffrey Altman smime.p7s Description: S/MIME Cryptographic Signature
RE: What is an OpenSSL issue (was Re[2]: Vista 64 bit)
smime.p7m Description: S/MIME encrypted message
