I am basically trying to implement a telnet client on NT that makes a secure
connection. I am familiar with socket programming, but am new to OpenSSL.
Can I simply use the DLLs that were complied to the OpenSSL\out32dll direcory
(libeay32.dll and ssleay32.dll) to do this?
Any help that can
At 01:09 PM 7/28/99 -0400, Steven J Sobol wrote:
>I would like to set up a CA certificate that I will use to sign website
>certificates with. These website certificates will be used on a temporary
>basis until my client gets a real certificate from a real CA.
>
>Am I correct in thinking that all I
> The technology becomes available, but the copyright still
> applies So, anyone can re-write the algorithm, but to use RSA's
> code would probably be a violation.
It is my understanding that you can have patent protection or
copyright protection, but not both. So... I believe that what is
> Hi,
>
> As you know, some cryptography algorithms can't be used outside the
> USA. So, can anyone tell me if the OpenSSL library can be used in a
> commercial product outside the USA ? Or does the library include
> some dark-sided crypto algorithm only available for the USA ?
Just us folks in
On Wed, Jul 28, 1999 at 11:50:09AM -0300, Juan Carlos Castro y Castro wrote:
> Paul Preziosi wrote:
> The NSA bullied the patent agencies into accepting a monstrosity called a
> "blind patent", in which the NSA creates a technology, files its details to
> the patent agency which is not allowed to
I know of a couple of places (Thawte, VeriSign) where I can get sample SSL
server certs for test purposes. I'd like to find as many of these as I can
to confirm that my server works the way I think it will. Does anyone
have/know of a list or web page that lists lots of SSL server CAs that offer
sa
Hi,
As you know, some cryptography algorithms can't be used outside the USA. So,
can anyone tell me if the OpenSSL library can be used in a commercial
product outside the USA ? Or does the library include some dark-sided crypto
algorithm only available for the USA ?
Thanks.
Fulco
__
Gerhard,
What platform were you able to get this running on? Does this allow you
to send a post request via https from perl to a web server running SSL.
I have been looking for the pieces to accomplish this and have had a lot
of trouble getting things working under Win/NT
thanks
Doug
>
> Perl
I would like to set up a CA certificate that I will use to sign website
certificates with. These website certificates will be used on a temporary
basis until my client gets a real certificate from a real CA.
Am I correct in thinking that all I have to do is generate a separate
certificate and use
LOOKING FOR: SSL-HTTPDaemon PerlScript (preferrable
ising LIBWWW).
I have in working order:
Perl 5005_03, LibWWW 5.44, OpenSSL 0.91c, NetSSL
1.03, a patch for SSLeay.xs
I can receive https requests via the
libwww.
What I need additionally is a SSL HTTP
Daemon.
The README of
IO::Socke
Paul Preziosi wrote:
> "Roeland M.J. Meyer" wrote:
> >
> > I think I mis-read your original question. For some reason I read
> > "unusable", sorry. Yes, the lapse of a patent means the technology
> > becomes available for all to use, freely. This is my understanding.
>
> The idea behind patents
The technology becomes available, but the copyright still applies So,
anyone can re-write the algorithm, but to use RSA's code would probably be a
violation.
~
Howard Uman - [EMAIL PROTECTED]
Netegrity, Inc., 245 Winter St., Waltham, MA 02451
TEL: (781) 890-1700 x225 FAX: (781) 487-7791
Kaur Virunurm schrieb:
>
> I agree with your philosophy, mr. Reif: the CA has certainly
> the authority to decide what to include in the cert, but:
>
> > Wether there should be a big flash "Hey, the user wants to
> > trick you into something!" is another question.
>
> That's it, but not only. R
> The idea behind patents is kind of contract:
>
> - The government grants a legal protection to the registrant,
> for a given time period,
>
> - In return, the registrant releases it's technology to public
> domain at the end of this time period.
If memory serves, the technology actually nee
Kaur Virunurm wrote:
> Are there any restrictions on which attributes can be contained
> in the DN at all? Can I use freely anything from the whole 2.5.4.*
> OID-space and anything else that I find convinient? Or..?
Have a look at RFC2459: Internet X.509 PKI, Certificate and CRL Profile,
4.1.2.4
Holger Reif wrote:
>
> Kaur Virunurm schrieb:
> >
> > So, again:
> > The bug in openssl is that ca application may drop some fields from the
> > incoming certificate request without any warning or notification.
>
> This is philosophy: The *CA* determines what should go into
> the cert, not the *
One simple question to be sure:
http://www.intertrader.com/library/SSLeay/no_rsa.cfm
claims, that popular web browsers doesn't support DSA cipher
suites. The FAQ is quite old, anyway. Is it still true? Do I have
to use RSA certificates in a secure www/imap/news server?
TIA,
Mike
---
I agree with your philosophy, mr. Reif: the CA has certainly
the authority to decide what to include in the cert, but:
> Wether there should be a big flash "Hey, the user wants to
> trick you into something!" is another question.
That's it, but not only. Right now, the person behind the CA is d
Kaur Virunurm schrieb:
>
> So, again:
> The bug in openssl is that ca application may drop some fields from the
> incoming certificate request without any warning or notification.
This is philosophy: The *CA* determines what should go into
the cert, not the *requestor*. So it is fine to ignore
a
> How do I process this data packet with OpenSSL?
> Do I need to pre-pend or append any data (such as DN, '--CERTIFICATE--'
> or something else)?
Yes. This works for me (VBScript):
request = "-BEGIN NEW CERTIFICATE REQUEST-" + CHR(13) + _ sz10 + _ "-END
NEW CERTIFICATE REQUEST-"
> Is uniqueIdentifier allowed in a DistinguishedName?
Yes, I think? At least OpenSSL allows it and shows it as
UID= field in the DN.
Are there any restrictions on which attributes can be contained
in the DN at all? Can I use freely anything from the whole 2.5.4.*
OID-space and anything else th
geoff> I thought that SSLeay and OpenSSL are mutually exclusive, which
geoff> can't be used together.
Hmm, I've never actually tried to use them together, but at this
point, there is bound to be some incompatibilities, at least in the
header files :-).
You see, OpenSSL is the direct successor of
Hi,
I managed to get IE4 to generate a PKCS10 client certificate request
data packet.
How do I process this data packet with OpenSSL?
Do I need to pre-pend or append any data (such as DN, '--CERTIFICATE--'
or
something else)?
Thanks,
Willo van der Merwe
___
On Thu, 29 Jul 1999, Kaur Virunurm wrote:
> Vadim Fedukovich wrote:
> > x509 application use X509_NAME_oneline() that wants to OBJ_obj2nid()
> > everything it prints. I'm not sure OBJ_obj2nid() returns something
> > useful for "uniqueIdentifier" and X509_NAME_oneline() will just skip
> > unknown
Thanks for the info. I actually have read this document before.
I thought that SSLeay and OpenSSL are mutually exclusive, which can't
be used together.
So I can use the openssl inorder to compile the mod-ssl for apache?
I can then use SSLeay in order to create and sign certificates for
client
25 matches
Mail list logo
