Re: [openssl.org #3236] support for DNSSEC in openssl

2014-01-13 Thread Daniel Kahn Gillmor
On 01/13/2014 11:26 AM, Elmar Stellnberger via RT wrote:
> Webkit browsers and many other openssl based programs like ssh would already
> like to make use of DNSSEC. AFAIK DNSSEC has already been standardized and
> would therefore be free to be implemented by openssl. DNSSEC could overcome
> ma

Re: [PATCH] Makefile.org: enclose CC parameter passing in quotes

2014-01-13 Thread Gustavo Zacarias
On 01/13/2014 03:54 PM, Quanah Gibson-Mount wrote:
> Duplicate of [openssl.org #3232] [PATCH] Makefile.org: Fix usage of
> CC=gcc -m32

I've seen this in the mailing list archives only now. Any idea why my mail to rt@ with this patch last week didn't get through? It's a bit frustrating to see dup

Re: [PATCH] Makefile.org: enclose CC parameter passing in quotes

2014-01-13 Thread Quanah Gibson-Mount
--On Monday, January 13, 2014 3:41 PM -0300 Gustavo Zacarias wrote: The compiler invocation might contain a space for example when using ccache. Duplicate of [openssl.org #3232] [PATCH] Makefile.org: Fix usage of CC=gcc -m32 --Quanah -- Quanah Gibson-Mount Architect - Server Zimbra, In

Re: [openssl.org #3231] default ciphers include insecure export cipher suites

2014-01-13 Thread Jeff Hodges via RT
Adding !LOW:!EXPORT to the DEFAULT setting does seem wise. What would be the rationale to keep IDEA cipher suites in there? I'm not familiar enough with the SEED cipher suites problems. Is it just that they are slow or did I miss a doc on their security? On Mon, Jan 13, 2014 at 10:34 AM, Kurt Ro

[PATCH] Makefile.org: enclose CC parameter passing in quotes

2014-01-13 Thread Gustavo Zacarias
The compiler invocation might contain a space for example when using ccache. Signed-off-by: Gustavo Zacarias --- Makefile.org | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile.org b/Makefile.org index 6873273..52a3d15 100644 --- a/Makefile.org +++ b/Makefile.org @@ -39

Re: [openssl.org #3231] default ciphers include insecure export cipher suites

2014-01-13 Thread Kurt Roeckx via RT
On Mon, Jan 13, 2014 at 05:25:55PM +0100, Jeff Hodges via RT wrote:
> We've been testing clients using OpenSSL against
> https://howsmyssl.com/a/check and noticed that those using
> the OpenSSL_add_all_algorithms() have insecure export cipher suites
> included by default. These cipher suites are us

[openssl.org #3236] support for DNSSEC in openssl

2014-01-13 Thread Elmar Stellnberger via RT
Webkit browsers and many other openssl based programs like ssh would already like to make use of DNSSEC. AFAIK DNSSEC has already been standardized and would therefore be free to be implemented by openssl. DNSSEC could overcome many of the weaknesses in the current certificate management workfl

Re: [openssl.org #3213] [PATCH] Fix failure to read default CA file & CA path in s_{client,server,time} (bug #977)

2014-01-13 Thread Reuben Thomas
On 11 January 2014 12:17, Florian Zumbiehl via RT wrote:
> Hi,
>
> > So in that case it should try only the user's option if the user gave a
> > -CApath or -CAfile, and otherwise the default option?
>
> well, I am not an OpenSSL dev, but that's the behaviour I would consider
> correct, yeah.
>
>

[openssl.org #3234] [bug] openssl defaults to using tls compression

2014-01-13 Thread Jeff Hodges via RT
According to [1], TLS compression is still the default configuration of OpenSSL. This opens OpenSSL and all dependent tools (python, ruby, etc.) to the CRIME attack. I've already received push back from some of these tools that "OpenSSL should just fix this" and while I'm working on convincing the

[openssl.org #3233] 'make depend' emits warnings on OSX with 1.0.1f

2014-01-13 Thread Charles Diza via RT
On OSX, there is no such thing as the program 'makedepend' (unless one installs XQuartz (X11 for mac), which shouldn't be required in order to build openssl). But let's say the user does have XQuartz installed. I suspect the makedepend that's included in XQuartz is buggy. As of 1.0.1f, if I enab

[openssl.org #3232] [PATCH] Makefile.org: Fix usage of CC=gcc -m32

2014-01-13 Thread Pierre Schmitz via RT
Commit 60adefa61025ffd7d56cf7ff8491008f783282bf introduced the use of the CC variable without quoting. This breaks e.g. multilib builds where CC is set to "gcc -m32". Signed-off-by: Pierre Schmitz --- Makefile.org | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile.org b

[openssl.org #3231] default ciphers include insecure export cipher suites

2014-01-13 Thread Jeff Hodges via RT
We've been testing clients using OpenSSL against https://howsmyssl.com/a/check and noticed that those using the OpenSSL_add_all_algorithms() have insecure export cipher suites included by default. These cipher suites are using keys less than the currently recommended 128-bit keys. For instance, cu

[openssl.org #3229] Fwd: Issue with key length

2014-01-13 Thread Stephen Henson via RT
On Sat Jan 11 12:09:51 2014, som...@gmail.com wrote:
>
> Montavista openssl version : 0.98
> RHEL openssl version : 1.0.0
>
> Can anyone please let me know what is the issue?
>

If this doesn't occur with the standard versions of OpenSSL it's some modification the vendor has introduced and you shou

FIPS openssl version for NIST 800-131A Transitions

2014-01-13 Thread Ranjith Kumar A.
Hi, I'm working on a FIPS compliance product and would like to upgrade its openssl version to support NIST 800-131A Transitions. Can you please let me know the FIPS openssl version which supports requirements stated in NIST 800-131A document (2.0.5 supports ???). Thanks in advance. Thanks, Ranjit