-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi,
Am 04.05.2015 um 19:13 schrieb Kurt Roeckx:
On Mon, May 04, 2015 at 09:00:21AM -0500, jack seth wrote:
There is a limit of 1: #define OPENSSL_DH_MAX_MODULUS_BITS
1
I suggested replacing this compile time constant by a SSL_CTX option,
Hi,
I think there is somewhat strange behaviour in OpenSSL that causes
interesting bugs to happen when trying to encode CRLs based on deltas.
More information about the issue (causing a segfault under certain
conditions) is in the attached mail by Felix who discovered it.
Regards,
BenBE.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi Matt,
first of all:
THANK YOU!
This has been overdue for ages!
Just a small tweak that would be nice I'd like to see would be to
always have block markers for loops and conditions. The lack of those
was one of the many pitfalls with the old
What about introducing a openssl_deprecated.h which sole purpose is to
throw in a bunch of defines that map ERR_old_style_name
OPENSSL_ERR_new_style_name.
To make an old-style codebase compatiblae the only thing to add would be
either including openssl_deprecated.h or set a macro on the command
Hi Rich,
Am 08.09.2014 23:59, schrieb Salz, Rich:
We are considering changing the default keysize (RSA, DSA, DH) from 1K
to 2K, and changing the default signing digest from SHA-1 to SHA-256.
May I suggest 4096 bit with SHA-256.
That way you have a security level of = 128 bit for both
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi Rich,
Am 09.09.2014 00:42, schrieb Salz, Rich:
We are considering removing weak cryptography from the value of
DEFAULT. That is, append :!LOW:!EXPORT
It is currently defined as this in include/openssl/ssl.h: #define
Hi Rich,
Am 09.09.2014 14:18, schrieb Salz, Rich:
May I suggest 4096 bit with SHA-256.
I think the next step after 2K-RSA is ECC, and that 4K RSA isn't going to see
much deployment because of the computational cost. At least, that's how we
see things at my employer.
And Chrome+Firefox
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi,
Am 01.09.2014 16:17, schrieb AUser ZUser:
Hello Can someone please help me with the following question. I
have a code signing certicate in my X509 store LocalMachine\My
which I can use for signing PowerShell scripts for example
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi,
Am 03.07.2014 09:46, schrieb phildoch:
I tested the generation of a certificate with a keypair RSA 4096
bit on two different platforms.
The openssl command I used is: /openssl req -newkey rsa:4096
-keyout clientKey.pem -out clientReq.pem/