Re: [openssl-users] Why openssl 1.0.1p accepts composite $q$ in DSA?

2015-09-09 Thread Georgi Guninski
On Wed, Sep 09, 2015 at 12:07:43PM +, Viktor Dukhovni wrote: > > > > Are you saying I can't sign the cert with another cert > > (the pubkey is easy to extract from the cert) with openssl? > > If you control a trusted root CA, or an intermediate CA issued > (possibly indirectly) by a trusted r

Re: [openssl-users] Why openssl 1.0.1p accepts composite $q$ in DSA?

2015-09-09 Thread Georgi Guninski
On Wed, Sep 09, 2015 at 11:55:36AM +, Viktor Dukhovni wrote: > > The expected time for this sort of check is when CAs sign certificates, > not when TLS handshake participants validate the certificates of > their peers (issued by trusted issuers, or else why bother). > Are you saying I can't s

Re: [openssl-users] Why openssl 1.0.1p accepts composite $q$ in DSA?

2015-09-09 Thread Georgi Guninski
On Wed, Sep 09, 2015 at 07:45:16AM -0400, Jeffrey Walton wrote: > Hi Georgi, > > Sorry to go offlist... > > Also keep in mind that the IETF has effectively deprecated the DH > parameters in PKIX certificates. In fact, they moved to fixed DH > groups to avoid the option dance between client and se

Re: [openssl-users] Why openssl 1.0.1p accepts composite $q$ in DSA?

2015-09-09 Thread Georgi Guninski
Ok, never mind. Is this ``issue'' real or imaginary according to developers, developers, developers(!) ?

Re: [openssl-users] Why openssl 1.0.1p accepts composite $q$ in DSA?

2015-09-09 Thread Georgi Guninski
On Wed, Sep 09, 2015 at 07:03:59AM -0400, Jeffrey Walton wrote: > On Wed, Sep 9, 2015 at 6:28 AM, Georgi Guninski wrote: > > In short openssl 1.0.1p accepts composite $q$ > > in DSA verify/SSL. > > > > If $q$ is backdoored in the DSA/DH group parameters, > > this

[openssl-users] Why openssl 1.0.1p accepts composite $q$ in DSA?

2015-09-09 Thread Georgi Guninski
In short openssl 1.0.1p accepts composite $q$ in DSA verify/SSL. If $q$ is backdoored in the DSA/DH group parameters, this breaks all private keys using it (see links at bottom). On linux: $./apps/openssl s_server -accept 8080 -cert /tmp/cacert2.pem -key /tmp/key-comp2.key $./apps/openssl s_clie