On 11 mai 2015, at 07:43, Viktor Dukhovni openssl-us...@dukhovni.org wrote:
On Mon, May 11, 2015 at 07:07:13AM +0200, Patrick Proniewski wrote:
I would like to upgrade openssl, libssl and libcrypto on my Mac OS X 10.6.8
system. The purpose is to allow system and softwares to use the new libs
Hi,
I read the OpenSSL Cookbook by Ivan Ristic and saw how he configured
nameConstraints so I adapted it for my setup.
First I tried the following but that doesn't work.
permitted;DNS.0=lan
permitted;DNS.1=local
permitted;IP.0=10.0.0.0/255.0.0.0
permitted;IP.1=172.16.0.0/255.240.0.0
On 11 mai 2015, at 07:45, Viktor Dukhovni openssl-us...@dukhovni.org wrote:
On Mon, May 11, 2015 at 07:24:10AM +0200, Patrick Proniewski wrote:
I've compiled OpenSSL 1.0.2a on Mac OS X 10.6.8, and used `openssl
speed` to compare performances with stock OpenSSL (0.9.8). In many
tests, 1.0.2a
While implementing one's own security and/or cryptography is certainly not
advisable for a novice (or even advanced programmers), creating cipher
implementations from scratch is probably one of the best ways to learn and
understand the intricacies of the problem at hand.
Learning about the
On Mon, May 11, 2015 at 04:42:49PM +, Viktor Dukhovni wrote:
On Mon, May 11, 2015 at 11:25:33AM -0500, Nico Williams wrote:
- If you don't want to depend on server certs, use anon-(EC)DH
ciphersuites.
Clients and servers must reject[*] TLS connections using such a
If you don't know about list comprehension in Python, you can simply
construct a list in a loop to get the job done. The end result is the same
no matter which approach you take.
The same is not true for cryptography. While Sec_Aficionado is quite
eloquent and makes several valid points, I
Hi, all...
I think it wise to go back to the OP's stated objective, to create an
independent to libraries source code for demonstration purposes for
AES-CTR mode. The operative prepositional phrase here being for
demonstration purposes.
Thus, whether it is wise to implement one's own crypto
On Fri, May 08, 2015 at 10:57:52PM -0500, Nico Williams wrote:
I should have mentioned NPN and ALPN too.
[...]
A few more details:
- If you don't want to depend on server certs, use anon-(EC)DH
ciphersuites.
Clients and servers must reject TLS connections using such a
ciphersuite
On Sun, May 10, 2015 at 5:58 PM, Mike Mohr akih...@gmail.com wrote:
The task of implementing AES should not be undertaken by a novice
programmer. Please save the world another heartbleed and pick something
more in line with your skill level.
Maybe I am not parsing it correctly It sounds
On Sun, May 10, 2015 at 2:47 PM, konstantinos Alexiou
konstantinako...@gmail.com wrote:
Dear Sirs,
I am new to C programming and i am trying to create an independent to
libraries source code for demonstration purposes for AES-CTR mode.Could i
have some help on doing that using the source
On Mon, May 11, 2015 at 11:25:33AM -0500, Nico Williams wrote:
- If you don't want to depend on server certs, use anon-(EC)DH
ciphersuites.
Clients and servers must reject[*] TLS connections using such a
ciphersuite but not using a GSS-authenticated application protocol.
[*]
11 matches
Mail list logo