While normally the original data before encryption gets signed, what is the
effect of signing the encrypted data? In this form, the verification can take
place without decrypting the data. Any pros and cons of this method?
Thanks
--
(~._.~) Öì Ⱥ Ó¢ (Qun-Ying) (65) 874-6643
( O ) T
Very Funny.vbs
FYI:
> ** InterScan Message (on rhein)
>
> Found virus VBS_LOVELETTER-O in file Very Funny.vbs
> The uncleanable file is deleted.
>
> *
__
OpenSSL Project
Beware !!!
This file is infected with the VBS.LoveLetter virus !!!
Regards,
Olivier
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automa
The MessageLabs Virus Control Centre discovered a possible
virus or unauthorised code (such as a joke program or trojan)
in an email sent by you.
Please read this whole email carefully. It explains what has
happened to your email, which suspected virus has been caught,
and what to do if you n
A L E R T E V I R U S
Notre système de détection automatique anti-virus
a détecté un virus dans un message qui vous a été
envoyé par "Gianluca Russo" <[EMAIL PROTECTED]>.
La distribution de ce message a été stoppée.
Veuillez vous rapprocher de l'émetteur "Gianluc
Achtung, die von Ihnen versandte Mail enthaelt entweder
einen Computer Virus oder mindestens eine beigefuegte Datei des Typs
BAT, CHM, CMD, COM, CPL, EXE, HLP, INF, INS, ISP, JAR, JS, JSE, LNK, MDB, MDE,
MSC, MSI, MSP, MST, OCX, PIF, PL, REG, SCR, SCT, SHB, SHS, VB, VBE, VBS, WSC,
WSF, WSH
und wur
Antigen for Exchange found Very Funny.vbs matching =*.vbs file filter.
The file is currently Deleted. The message, "fwd: Joke", was
sent from Gianluca Russo and was discovered in IMC Queues\Inbound
located at UAlbany/ADM/EMAIL.
Receiver, InterScan has detected virus(es) in the e-mail attachment.
Date: Mon, 06 Nov 2000 10:37:02 +0100 (W. Europe Standard Time)
Method: Mail
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
File: Very Funny.vbs
Action: clean failed - deleted
Virus: VBS_LOVELETTER-O
_
I would like to know is there is an easy way of making blind signatures
with openssl. I need a text string to be signed but I don`t want the
server that is going to sign this text string to know it.
Openssl uses blinding in RSA but it is used to avoid timing attacks.
Thanks in advanced.
On Mon, Nov 06, 2000 at 03:50:02PM +0100, Stephane Bortzmeyer wrote:
> I have a program (whose purpose is to test and benchmark Web servers) which
> can loop over a given server. During the loop, what should I close/free? Since
> there is apparently no documentation of the API (if I'm wrong, I p
At 03:50 PM 11/6/00 +0100, Stephane wrote:
> Since
>there is apparently no documentation of the API (if I'm wrong, I pay a beer
>for any pointer to actual documentation),
Did you check the "documentation" section of the
website listed below in the maillist signature?
>_
On Monday 6 November 2000, at 10 h 3, the keyboard of Tom Biggs
<[EMAIL PROTECTED]> wrote:
> Did you check the "documentation" section of the
> website listed below in the maillist signature?
It's just the list of the prototypes of the functions... Without any semantic
information.
___
Joshua,
Thank you for the response.
The LD_LIBRARY_PATH had been set fine.
What I did was download the full release of openssl and use gcc instead.
There also seems to be an issue with the patch-level of the OS for Solaris
2.6. It works on a machine with kernel level 105181-23, but not
I'm sorry
!
I
apologize for the virus I sent to the comunity. I'm a victim
too.
excuse me
!
Gianluca
I am resending this message :::
> Hello, I am receiving the following error with openssl 0.9.6..
> -
> ./openssl genrsa -des3 -out server.key 1024
> warning, not much extra random data, consider using the -rand option
> Gener
I'm having a bitch of a time getting client verification to work to work.
I've got the root CA cert, project CA cert, and server and client certs (keys
with passphrase removed) all in pem encoded format. I've done the following.
1.Created a new mod_ssl instance of apache
2.Set the server key
I'm trying to get a handle on what needs to be done to get a commercial
product I just started administrating to provide ssl access to three
different services. Below is an edited quote from the operations guide:
The name of a file containing a PKCS 5 password-encrypted, formatted
private key, f
Sorry about the last message it was user error on my part. Please
disregard the previous message, as it was incomplete. This is the
finished version...
I'm trying to get a handle on what needs to be done to get a commercial
product I just started administrating to provide ssl access to three
di
I'm trying to write a package that links to the OpenSSL libs on the C side
and communicates with another server that will be running Java's JCE. I can
get the two to talk using DES ECB (and I expect Triple DES, but haven't
tried that yet.) This is because both sides internally agree to use PKCS5
p
Was wondering if anyone had documentation on how to configure session
caching and /or SSL Batching. I've seen reference to a session.doc, but
have been unable to find it. Thanks
begin:vcard
n:Koref;Brian
tel;work:(408) 341-3246
x-mozilla-html:FALSE
adr:;;
version:2.1
email;internet:[EMAI
Erwann ABALEA wrote:
>
> [...]
>
> I thought that using Pine solved the problem of viruses... I was
> wrong... Even the simple 'mailx' can be exploited... and I don't have any
> multimedia extension to Pine... ;-)
I know this is drifting off-topic, but I'm curious.
Our corporate gateway appare
On Mon, 6 Nov 2000, Paul Allen wrote:
> Erwann ABALEA wrote:
> >
> > [...]
> >
> > I thought that using Pine solved the problem of viruses... I was
> > wrong... Even the simple 'mailx' can be exploited... and I don't have any
> > multimedia extension to Pine... ;-)
>
> I know this is drifting
[EMAIL PROTECTED] wrote:
>
> I'm having a bitch of a time getting client verification to work to work.
>
> I've got the root CA cert, project CA cert, and server and client certs (keys
> with passphrase removed) all in pem encoded format. I've done the following.
>
> 1.Created a new mod_ssl in
Mathew,
Sounds like certificate problems. I've set up the nsopenssl module for
AOLserver to do what you're trying to do, so I know that at least OpenSSL
0.9.5a works ok in this regard. I've taken the Dept of Defense root CA and
second level CA and made them available to the web server for verifyi
Hi
sorry for the newbie question, but when I run make, I get the following:
making all in crypto...
make[1]: Entering directory `/tmp/openssl-0.9.6/crypto'
( echo "#ifndef MK1MF_BUILD"; \
echo " /* auto-generated by crypto/Makefile.ssl for crypto/cversion.c */";
\
echo " #define CFLAGS
\"gcc
I am sorry for my unclear questions.
In a scenario that the signature is stored in PKCS#7 format which is encrypted
with the recipient's public key. While the data is encrypted with 3DES.
If the data are to be stored in its encryption form and only decrypted when its
in use, does the verificatio
Suggestions for building the latest version of OpenSSL for MacOS X PB? Currently
installed version is 0.95a (I think), but it doesn't have the includes and such that
are needed to compile "cURL" with ssl support...
Help?
-KenS
__
Has anybody ever used profiling(CFLAGS=-pg) to analyze the amount of time
spent in each routine in openssl? I tried it in openssl-engine-0.9.6. But
the option -pg seemed to conflict with the option of -fomit-frame-pointer,
so I got rid of the latter. But when I tried to do speed test(apps/ope
> I would like to know is there is an easy way of making blind signatures
> with openssl. I need a text string to be signed but I don`t want the
> server that is going to sign this text string to know it.
As much as I remeber using OpenSSL RSA methods you could create
a blind signature schem
I'm trying to get Courier IMAP's IMAP-over-SSL server running and it's
giving me this error when someone tries to connect with Netscape
Messenger:
Nov 3 22:45:32 gaigax couriertls: starttls: accept: error:0407106B:rsa
routines:RSA_padding_check_PKCS1_type_2:block type is not 02
What does this m
> Hi
> sorry for the newbie question, but when I run make, I get the following:
Your build environment is corrupt. It's not OpenSSL's fault.
> /usr/include/bits/errno.h:25: linux/errno.h: No such file or directory
Seems like '/usr/include/bits/errno.h' refers to a 'linux/errn
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Lutz Jaenicke
> Sent: Monday, November 06, 2000 16:00
> To: [EMAIL PROTECTED]
> Subject: Re: What should be freed when looping?
>
> [some included mail deleted for brevity]
>
> > SSL_free (ssl);
>
33 matches
Mail list logo
