RE: Kernel port of OpenSSL

2001-10-11 Thread David Schwartz
On Thu, 11 Oct 2001 14:57:14 +0100, Andy Schneider wrote: >> > The idea would be that if two such machines had SSL >> implemented in their >> > kernel and both administrators had appropriately configured >> them, all >> > communications between those two hosts could be encrypted >> transpare

Load CA IE and NetScape

2001-10-11 Thread anil kumar
Hi All, I am using OpenSSL with Apache on Win32. OpenSSL 0.9.6, mod-ssl 2.8.2, Apache 1.3.19. I have generated CA using openssl. Installed CA certificate in the server by editing httpd.conf SSLCACertificatePath confsslprivate SSLCACertificateFile confsslCAcert.pem. Can any one suggest me, how

point me in the right direction

2001-10-11 Thread sschaef2
On my webserver, if I supply a public/private key pair to the OpenSSL, then it seems to support that key length and algorithm. So in order to have the OpenSSL support more algorithms and key lengths for the various browsers that would be hitting my server, do I just keep loading more public/privat

Re: Differences between TLS and SSL

2001-10-11 Thread Rich Salz
> SSLv3 is a de facto, industry standard, devised by the best cryptanalyst > we have. It is represented only by an expired Internet Draft. TLS is a > committee effort. You be the judge. That is unfair, misleading, and wrong. All IETF standards are committee efforts. And with all due respect to

Re: Differences between TLS and SSL

2001-10-11 Thread Eric Rescorla
Rich Salz <[EMAIL PROTECTED]> writes: > > SSLv3 is a de facto, industry standard, devised by the best cryptanalyst > > we have. It is represented only by an expired Internet Draft. TLS is a > > committee effort. You be the judge. > > That is unfair, misleading, and wrong. > > All IETF standard

Re: Differences between TLS and SSL

2001-10-11 Thread Michael Sierchio
Rich Salz wrote: > > > SSLv3 is a de facto, industry standard, devised by the best cryptanalyst > > we have. It is represented only by an expired Internet Draft. TLS is a > > committee effort. You be the judge. > > That is unfair, misleading, and wrong. Well, maybe unfair, but I think it's a f

Re: Differences between TLS and SSL

2001-10-11 Thread Michael Sierchio
Eric Rescorla wrote: > That said, TLS and SSLv3 are nearly identical. The differences > essentially come down to: > > (1) A tightening up of the Key Derivation Function (tying it more > closely to HMAC) > (2) A replacement of the ad hoc (and somewhat broken) MAC used in > SSLv3 with HMAC. Yes,

About "PEM_read_privatekey, PEM_read_X509, etc" Problem

2001-10-11 Thread ???
This document is in INSTALL.W32. If you don't use the multithreaded DLL runtime library (/MD option) your program will almost certainly crash because malloc gets confused -- the OpenSSL DLLs are statically linked to one version, the application must not use a different o

Re: About "PEM_read_privatekey, PEM_read_X509, etc" Problem

2001-10-11 Thread ???
This document is in INSTALL.W32. If you don't use the multithreaded DLL runtime library (/MD option) your program will almost certainly crash because malloc gets confused -- the OpenSSL DLLs are statically linked to one version, the application must not use a different

Re: Kernel port of OpenSSL

2001-10-11 Thread Michael Sierchio
David Schwartz wrote: > 1) IPsec already has the negotiation features that you would need. > > 2) IPsec acts below the TCP/UDP layer. Using SSL would make it very hard to > precisely replicate TCP/UDP semantics leading to lots of subtle bugs and > compatibility problems > >

Re: -RANDom confusion

2001-10-11 Thread Lutz Jaenicke
On Thu, Oct 11, 2001 at 03:27:29PM -0700, ComCity wrote: > I'm having trouble with the -rand command...I'm missing a critical piece of > information which I have not been able to figure out on my own. > Whenever I use the -rand modifier, my terminal just sits there and hangs. > Intrupting out leav