Hello ! I am trying to setup Apache 2.0.58 on Mandriva Linux 2006... Linux platform is new for me... When I tried to configure Apache I got the erroe : checking for SSL/TLS toolkit includes... configure: error: OpenSSL headers not found The OpenSSL version is 0.9.7g Why I could not see
Hello,
AES256-SHA means also RSA key_exchange. Are you setting
private RSA keys, certificate, and CA certificate also in SSL context ?
does this imply that when I want to use EDH for key exchange that the cipher
will not be able to be AES*?
No, AES encryption may be used with the
Hello,
Hi, fellows. Thanks a lot for the hint. I'm using Blowfish in cfb mode.
Will there be any padding not removed problem with this cipher?
Actually I'm very new here. I wonder if anyone can also clarify to me some
basic concepts as well. I really appreciate the help.
1) What
Hello,
3) In enc manpage, what does a salt mean?
In openssl enc passphrase and salt are parameters
to PKCS#5-like key generation function.
You may read more about PKCS#5 at:
http://www.rsasecurity.com/rsalabs/node.asp?id=2127
4) Suppose I have an input file foo.in and a key file
Dear all,
I'd need a little clarification on SSL renegotiation.
Could ssl renegotiation take place over a different
tcp port then the already-established ones ? (tcp
connections established, handshake succcessfully
performerd at least one time).
I noticed the custom server application I have
Hello,
I noticed the custom server application I have to
connect to tends to change connection port after a
first handshake has been performed.
I disagree with the server application administrator
which states this is a normal behaviour due to SSL
regonation.
My guess is that is rather
Mandar sarlashkar wrote:
I am trying to setup Apache 2.0.58 on Mandriva Linux 2006... Linux
platform is new for me...
Do you have a compelling need to compile your own apache? I encourage
it, but only if it makes sense for you. Most people are better off using
the distribution's package
http://lookit.typepad.com/lookit/2006/04/lame_openssl_bu.html
Basically, openssl base64 -d silently fails if given a line longer than 79
characters.
__
OpenSSL Project http://www.openssl.org
User
On Thu, May 25, 2006 at 10:58:55AM +0200, Marek Marcola wrote:
Hello,
AES256-SHA means also RSA key_exchange. Are you setting
private RSA keys, certificate, and CA certificate also in SSL context ?
does this imply that when I want to use EDH for key exchange that the cipher
will
I noticed the custom server application I have to
connect to tends to change connection port after a
first handshake has been performed.
What does that mean?
I disagree with the server application administrator
which states this is a normal behaviour due to SSL
regonation.
As
On 5/23/06, Kyle Hamilton [EMAIL PROTECTED] wrote:
.pod files are processed by pod2man, which is a standard part of perl.
Type 'man man' to determine how to show those files -- on some
systems it's merely 'man 3 SSL', others require different command
line arguments (I'm not a user of OSX, so I
From: Simon
On 5/23/06, Kyle Hamilton [EMAIL PROTECTED] wrote:
.pod files are processed by pod2man, which is a standard
part of perl.
Type 'man man' to determine how to show those files -- on some
systems it's merely 'man 3 SSL', others require different command
line arguments
Hi All
Is it possible to decrypt a recorded SSL session, if the attacker gains
access to the RSA private keys at a later point in time? If yes, what
would be the best way to avoid this?
Thanks in Advance!
Regards
Sreeram
signature.asc
Description: OpenPGP digital signature
Im not sure if SSL gives u such options, but the best way to prevent
compromise of a RSA key would be to establish a diffie hellman key.
You would want to do a shared secret anyawy..and im sure SSL does
it..if the shared secret is computed using diffie hellman and nobody
gets hold of the
I must apologize for not being SSL specific..But it gives u a hint and
u can take a look at the SSL specs and see what they allow.
Sudharsan
On 5/25/06, Sudharsan Rangarajan [EMAIL PROTECTED] wrote:
Im not sure if SSL gives u such options, but the best way to prevent
compromise of a RSA key
On Fri, May 26, 2006 at 07:23:05AM +0530, Sreeram Kandallu wrote:
Hi All
Is it possible to decrypt a recorded SSL session, if the attacker gains
access to the RSA private keys at a later point in time? If yes, what
would be the best way to avoid this?
$
I don't have the details at hand, but look at perfect forward secrecy
in SSL and TLS, Rescorla.
Sreeram Kandallu wrote:
Hi All
Is it possible to decrypt a recorded SSL session, if the attacker gains
access to the RSA private keys at a later point in time? If yes, what
would be the best way
Thats cool..they do have DH ...a quick look suggested a premaster
secret(randomly choosen). Dint seem like theres a DH exchange
Sudharsan
Sudharsan
On 5/25/06, Victor Duchovni [EMAIL PROTECTED] wrote:
On Fri, May 26, 2006 at 07:23:05AM +0530, Sreeram Kandallu wrote:
Hi All
Is it possible
Related note: you can explicitly request re-keying at any time, and
should do it periodically on long-term connections. That makes analysis
even more expensive since there's less data and less payoff.
Victor Duchovni wrote:
For all these ciphers the attacker has to brute force the symmetric
Thanks!
looks like RSA+DH is the way to go for perfect forward secrecy!
Sreeram
signature.asc
Description: OpenPGP digital signature
On OS X you can use pstopdf... a couple of ideas can be found here:
http://www.macosxhints.com/article.php?
story=20051020122911920query=man+pdf
Basic usage is:
man -t openssl | pstopdf -i -o openssl.pdf
That will give you a formatted PDF for two sided printing.
On May 25, 2006, at 6:17 PM,
21 matches
Mail list logo