Hi Madhu,
Thanks for the report.
> With Session Cache size = 7864432 bytes, here's a log that I'm
> seeing :
[snip]
> the INDEX_NUM value is 0 !
Yeah this is a bug - each sub-cache uses an indexing structure that
(correctly) uses index values (and ranges) as "unsigned int", but the
On Wed, 12 Dec 2001, Lajos Moczar wrote:
> I too am interested in this topic. Is there anything out there that does
> these kinds of checks? Anyone writing or want to write such a thing? I'd
> sure be interested in contributing to such a project were it necessary.
If I had the time I'd write o
Hi,
With Session Cache size = 7864432 bytes, here's a log that I'm
seeing :
[12/Dec/2001 13:36:51 05786] [trace] for 7864424 bytes, recommending 65536
indexes
[12/Dec/2001 13:36:51 05786] [trace] shmcb_init_memory choices follow
[12/Dec/2001 13:36:51 05786] [trace] division_mask = 0x7F
[1
I too am interested in this topic. Is there anything out there that does
these kinds of checks? Anyone writing or want to write such a thing? I'd
sure be interested in contributing to such a project were it necessary.
Lajos
Gudmund Berggren wrote:
> Hi,
>
>
>
> I was aiming at your secon
Does Valicert support the various Entrust CRL extensions and
partitioning?
If not, then they're useless for this problem.
/r$
--
Zolera Systems, Your Key to Online Integrity
Securing Web services: XML, SOAP, Dig-sig, Encryption
http://www.zolera.com
_
On Wed, 12 Dec 2001, Cliff Woolley wrote:
> On Tue, 11 Dec 2001, Kevin McQuiggin wrote:
>
> > I want to create a dummy self-signed certificate. Despite the Apache
> > documentation, "make certificate" in the top-level source directory doesn't
> > work. There's no "certificate:" target in the M
Hello Lorrayne,
Thanks for your input.
By any chance, do you know if i can use OCSP with an Entrust CA (instead of
CRLs)?
Regards,
Alec
>From "Schaefer,Lorrayne J." <[EMAIL PROTECTED]> on 12 December 2001
Hi everyone. I was chatting with an Entrust engineer yesterday about
partitioned CRLs (this is where you can break it down my something such as
size). The only CA that currently do this to my knowledge is Entrust.
I agree with Rich Salz's response. OCSP is a great way to go (and,
Valicert offe
This is an automatic response to a message received from your address:
An e-mail received from your account (see To: field) matches the
signature of a known virus.
Your message has been placed in a quaranteen area.
>>> IT IS POSSIBLE THIS MESSAGE WAS SENT <<<
>>>WITHOUT YOUR KNOWLED
Hi Group
I'm running the following: Apache/1.3.22 (Win32) mod_jk/1.1.0 tomcat/1.0
mod_ssl/2.8.5 OpenSSL/0.9.6b
with the standard settings for win32. everything fine with this, except that
I get a lot (up to 7 per second) warnings:
[10/Dez/2001 09:23:45 00393] [warn] Failed to release global mut
Hello Rich,
Thanks for the tip.
Alec
>From Rich Salz <[EMAIL PROTECTED]> on 12 December 2001 9:46:13
To : [EMAIL PROTECTED]
Copy To : [EMAIL PROTECTED]
Subject : Re:
Using OCSP transfer the complexity of
Using OCSP transfer the complexity of CRL processing from all clients to
a few servers. Entrust believes in CRLs :), so I don't think they have
an OCSP responder. You'd need to find one that understood the various
CRL extensions used by Entrust. (Or implement it yourself for your
clients, of co
No, openssl does not yet support the (infinite:) ways to split CRL's
that Entrust likes.
OCSP is simpler. :)
/r$
--
Zolera Systems, Securing web services (XML, SOAP, Signatures,
Encryption)
http://www.zolera.com
__
Apac
This doesn't seem to be a mod_ssl question as such. What I suspect is the
older browsers don't have the root certificate for Equifax installed. I am
guessing that you are referring to IE, since Netscape has had 128bit support
since 4.67 (IIRC).
In the case of IE, check out Tools/Internet Options/
Hello Rich,
Do you have more information about OCSP? Do you think it could solve my
problem?
Regards,
Alec
No, openssl does not yet support the (infinite:) ways to split CRL's
that Entrust likes.
OCSP is simpler. :)
[EMAIL PROTECTED] wrote:
>
> Full_Name: robert joop
> Version: 2.8.0
> OS:
> Submission from: (NULL) (193.175.135.28)
>
> on an apache 1.3.17 with mod_ssl 2.8.0, i installed new CRLs, called
> make in the ssl.crl directory, but even days later, it still considers
> the CRLs as expired (which the
Hi,
I was aiming at your second and third area. Good
points. One additional topic would be to check for intrusion protection in
general with a library
of known methods and bugs etc
Since the server is in my case running on Windows
environment, the intrusion protection issue feels
rather imp
17 matches
Mail list logo
