(sorry for the delay, but I've been travelling and moving)
On Sat, Oct 31, 2015 at 11:01:22pm +, Brian Smith via RT wrote:
> On Sat, Oct 31, 2015 at 11:50 AM, Alessandro Ghedini via RT
> The point is to let the person building OPENSSL say "I want the build to
> fail if
On Sat, Oct 31, 2015 at 08:34:33am -0400, Steve Marquess wrote:
> On 10/31/2015 08:26 AM, Alessandro Ghedini via RT wrote:
> > Hi,
> >
> > I don't know what your intentions are with FIPS support in master, ...
>
> We would like to continue to provide a FIPS validated module for the 1.1
> (and
On Wed, Nov 11, 2015 at 05:15:06PM +, Kaduk, Ben via RT wrote:
> On 11/11/2015 07:06 AM, Kurt Roeckx via RT wrote:
> > On Wed, Nov 11, 2015 at 12:37:56PM +, Alessandro Ghedini via RT wrote:
> >> On Wed, Nov 11, 2015 at 11:52:56AM +, Kurt Roeckx via RT wrote:
> >>> On Wed, Nov 11, 2015
Hi OpenSSL Community,
I originally posted this message on the security area ML at IETF and I
am trying to reach out to a broad audience of experts, implementers, and
vendors. I would love to have contributions and implementations (once we
have some initial specs) around this initiative. I am
On 11/11/2015 07:06 AM, Kurt Roeckx via RT wrote:
> On Wed, Nov 11, 2015 at 12:37:56PM +, Alessandro Ghedini via RT wrote:
>> On Wed, Nov 11, 2015 at 11:52:56AM +, Kurt Roeckx via RT wrote:
>>> On Wed, Nov 11, 2015 at 11:16:56AM +, Alessandro Ghedini via RT wrote:
Also, FTR,
On Wed, Nov 11, 2015 at 01:06:54PM +, Kurt Roeckx via RT wrote:
> On Wed, Nov 11, 2015 at 12:37:56PM +, Alessandro Ghedini via RT wrote:
> > On Wed, Nov 11, 2015 at 11:52:56AM +, Kurt Roeckx via RT wrote:
> > > On Wed, Nov 11, 2015 at 11:16:56AM +, Alessandro Ghedini via RT wrote:
On Wed, Nov 11, 2015 at 11:52:56AM +, Kurt Roeckx via RT wrote:
> On Wed, Nov 11, 2015 at 11:16:56AM +, Alessandro Ghedini via RT wrote:
> >
> > I also added support for explicit_bzero() on OpenBSD.
>
> An explicit_bzero() call is no better than whatever
> OPENSSL_cleanse() does, because
On Wed, Nov 11, 2015 at 11:16:56AM +, Alessandro Ghedini via RT wrote:
>
> I also added support for explicit_bzero() on OpenBSD.
An explicit_bzero() call is no better than whatever
OPENSSL_cleanse() does, because it has exactly the same problems.
So I don't think this is useful to do.
>
On Wed, Nov 11, 2015 at 12:37:56PM +, Alessandro Ghedini via RT wrote:
> On Wed, Nov 11, 2015 at 11:52:56AM +, Kurt Roeckx via RT wrote:
> > On Wed, Nov 11, 2015 at 11:16:56AM +, Alessandro Ghedini via RT wrote:
> > > Also, FTR, apparently SecureZeroMemory() doesn't work on the mingw