New Export Restrictions

Stephen (et al), I checked the previous posting about the announcement from the Department of Commerce on 12 January, .. and it would seem that my recount from Tuesday was correct: (http://204.193.246.62/public.nsf/docs/60D6B47456BB389F852568640078B6C0) >Global Exports of Unrestricted Encrypti

Re: DLLs for Openssl 0.9.4

[ On Wednesday, January 12, 2000 at 04:54:32 (PST), Joel Yarde wrote: ] > Subject: Re: DLLs for Openssl 0.9.4 > > One question though, am I correct in assuming that the library files are > meant for MS Visual C++? (I'm using version 5.0). Yes. The .lib and .exp have been produced with VC++ 6.0

ACLU/EFF/EPIC Say Crypto Regs Still Unconstitutional (fwd)

FYI Eric S. Johansson[EMAIL PROTECTED][EMAIL PROTECTED] This message was composed almost entirely using NaturallySpeaking --- begin forwarded text To: [EMAIL PROTECTED] Subject: ACLU/EFF/EPIC Say Crypto Regs Still Unconstitutional Date: Thu, 13 Jan 2000 10:23:22 -0800 From: John Gilmor

Re: openssl deperately needs some intro docs

I was just thinking about Microsoft and their CryptoAPI. They ship a lot of documentation and sample code to all the world via the web and the MSDN distributions and don't seem to have any problems with US authorities (well not in this case anyway;-)) To me it seems like documentation and sampl

Re: How to make pkcs7 signing data?

> Steve Wrote: > This is one area that will be updated in OpenSSL 0.9.5. There is an > 'smime' application in the 0.9.5 development release and a simpler API > that does most of the hard work. That might be a good place to start. > For the pkcs7 function in openssl, what does it do exactly for

Re: OpenSSL compile problem on win32

> the command perl util/mk1mf.pl 32 libeay > > produces > > BIO_number_read does not have a number assigned > BIO_number_written does not have a number assigned > X509_STORE_CTX_rget_chain does not have a number assigned > > this doesn't seem right to me. They'll get numbers assigned the next

Re: Client (personal) certificates

> Anyone there have any information on generation of client certificates with openssl? >I can generate them (albeit only for Netscrape at the moment - IE doesn't seem to be >playing ball) but Netscape won't verify them claiming it's not certified for email. Check to see the CA that has certifie

Re: Secure FTP?

Ben Laurie wrote: > > Jason Stanford wrote: > > > > You could simply use the OpenSSH package (www.openssh.org) which has > > both a secure "telnet" client (ssh) and secure copy (scp). There are > > some ftp packages that support one-time passwords, but I've not been so > > unhappy with scp to inv

Re: openssl deperately needs some intro docs

Dr Stephen Henson wrote: > > There is another issue as well whatever the interpretation of the laws > some companies and organisations take an ultra cautious line. > > For example one organisation at one point was considering not using > OpenSSL because there was a (false) rumour that the OpenSS

RE: Doubt about OPENSSL config file

> dsr> RANDFILE= %USERPROFILE%\.rnd > dsr> oid_file= %USERPROFILE%\.oid > dsr> > dsr> This would point to the users home dir under NT. > > Really? Have you tested that? I dunno, but if I were you, I'd > replace "%USERPROFILE%" with "$ENV::USERPROFILE"... > Yes,

Client (personal) certificates

Anyone there have any information on generation of client certificates with openssl? I can generate them (albeit only for Netscrape at the moment - IE doesn't seem to be playing ball) but Netscape won't verify them claiming it's not certified for email. What am I doing wrong? I've read the FAQ

U.S. Publishes New Crypto Export Rules

Just thought I'd share this with the list...   QUOTE   Any encryption commodity or software, including components, of any key length can now be exported under a license exception after a technical review to any non-government end-user in any country except for the seven state supporters of t

Re: BF_cfb64_encrypt dumps core on redhat 6.1

Ulf Möller wrote on Thu, Jan 13 2000 (14:20:28 +0100): > It works all right on Debian Linux. I'd recommend to set a breakpoint > in BF_cfb64_encrypt and single-step through it, but it may well be a > RedHat bug. thank you for the effort. stepping through BF_cfb64_encrypt, but it doesn't make any

Re: OpenSSL compile problem on win32

Peter Sylvester wrote: > > Hi, > > the command perl util/mk1mf.pl 32 libeay > > produces > > BIO_number_read does not have a number assigned > BIO_number_written does not have a number assigned > X509_STORE_CTX_rget_chain does not have a number assigned > > this doesn't seem right to me. Sin

Re: Introduction paper still needed?

Hi Jan, > Sorry I did not read the entire "openssl desperately needs some intro docs" > thread (busy busy busy), just wanted to ask if the effort would still be > appreciated? Very much! An understandable but complete introduction would be very useful (at least to me). Sander Steffann. __

Question about certificate verification

Here's my situation: I have a setup where all private keys (encrypted) and certificates are stored in a directory service from where I retrieve them. So I don't have files where the things are kept. Now I want to do certification verification when establishing SSL connections. The certification

Re: BF_cfb64_encrypt dumps core on redhat 6.1

Toni Andjelkovic wrote: > appears to work well except on redhat 6.1, where the > "send" part will dump core. It works all right on Debian Linux. I'd recommend to set a breakpoint in BF_cfb64_encrypt and single-step through it, but it may well be a RedHat bug.

OpenSSL compile problem on win32

Hi, the command perl util/mk1mf.pl 32 libeay produces BIO_number_read does not have a number assigned BIO_number_written does not have a number assigned X509_STORE_CTX_rget_chain does not have a number assigned this doesn't seem right to me. ___

Re: openssl deperately needs some intro docs

hi all, well am willing to assist in writing the docs.. previous wrote.. the following howtos and would use as basis to write the openssl ones.. a- IPFWADM FAQ b- FIREWALL1 - FAQ c- SSH 1.xx original FAQ(custodian) d - INND FAQ e - SED FAQ well the offers there anyhow.. must admit no veter

Re: OpenSSL compile problem

ryoko> %./config gcc$B!!(B( or config ) ryoko> Operating system: sun4m-sun-solaris2 ryoko> This system (solaris-sparcv8-gcc) is not supported. See file INSTALL for detail ryoko> ryoko> Do I have to define hardware,operating system? ryoko> Or can't sun4m use OpenSSL0.9.4? ryoko> (I could install

Re: VeriSign/Thawte deal challenged

Unfortunately its not likely a Canadian company could make any real challenge in the US or SA. Entrust may be trying to protect themselves as they have set up their own CA based on the chaining Thawtes root rather than looking out for the good of the market ... Jeff On Wed, 12 Jan 2000, Joe A

Re: openssl deperately needs some intro docs

> (anyone wanting to supply a green card for the experiment would be my hero forever) I know you were being humorous, but are you actually seeking to work in the US? Bill Michaelson __ OpenSSL Project

Re: BF_cfb64_encrypt dumps core on redhat 6.1

Ulf Möller wrote on Thu, Jan 13 2000 (01:24:31 +0100): > Please post compilable source code and specify which OpenSSL version > you are using. i'm using OpenSSL 0.9.4 09 Aug 1999 i attach the code, it encrypts the client's stdin with blowfish cfb64, and sends it to the server's stdout using a si

Re: BXA Press Release on New Regs (fwd)

From: "Eric S. Johansson" <[EMAIL PROTECTED]> [...] esj> Global Exports of Unrestricted Encryption Source Code esj> esj> Encryption source code which is available to the public and esj> which is not subject to an express agreement for the payment of esj> a licensing fee or royalty for commercial

Re: BXA Press Release on New Regs (fwd)

Hello, I have read the draft posted on 12/10/1999 & discussion draft II 12/17/1999. What i have understood is that regulations on 64 bits confidentiality algorithms will be lifted. So in laymans terms concerning mass marketing companies can have upto 64 bits crypto please do correct me if i have