On 11/13/2012 07:34 PM, Sanford Staab wrote:
Do you guys just want to continue to answer questions on this alias
and not FIX the docs somewhat over time? I could go into a litany of
how much information is just missing from the docs with INCOMPLETE
everywhere.
You might have overlooked the
On 06/28/2012 06:42 PM, Keith Bennett wrote:
I do wonder if this is the proper time place to discuss the
implications of requiring source code to have been obtained by a
secure path excluding the internet. Can an internet-enabled open
source therefore be considered secure by that definition?
Hi!
I try to use a pkcs11 smart card (eToken) to store the web server's
private key with apachemod_ssl.
From the strace output it seems that mod_ssl successfully loads the
pkcs11 engine.
However it does not seem to find the pkcs11 library.
Given that I see no attempt to load openssl.cnf, this is
Hi!
Is the sentence It checks that p and q are in fact prime, and that n =
p*q in RSA_check_key's documentation mean that it checks for weak primes,
like the ones mentioned here?:
http://arstechnica.com/business/news/2012/02/crypto-shocker-four-of-every-1000-public-keys-provide-no-security.ars
Hi!
My application uses openssl-fips for random number generation, where the
seeding have to have at least 100 bits of entropy coming from a hardware
random generator which is certified either to FIPS or CC EAL4. Due to
economy we want to use a USB token and not a full-featured HSM.
I have
Hi!
I am trying to implement a very simple ca using python. I have managed
to obtain a request using crypto.generateCRMFRequest on the client side
(Mozilla browser). I have tried to feed it to openssl req using various
tricks, but there are errors. How should I use this request to create a
2007/10/3, Robert Butler [EMAIL PROTECTED]:
That's right-
nobody can do man-in-the-middle (that I've heard, anyway) on HTTPS, since
everything is encrypted using TLS or SSL.
Ehrmmm. MIMD over https slowly becomes a standard firewall functionality,
Zorp being the first doing it (as in a
Hi!
Maybe Mathias is in a situation similar to mine?
I have an eToken. In keygen time I told the eToken that my new key is
for encryption/verifying only.
Now I wanted to have a cert req. Which should have been signed with
the key. Which is encryption-only, enforced by the token. Because the
key
Hi!
It seems the answer is yes, see http://buildd.debian.org/build.php?pkg=openssl
Another question is what you call 64 bit linux. In debian there are
the following processor families supported which I think work in 64
bit: alpha, hppa, sparc64 and ia64. At least two of them uses 32 bit