Re: X509_verify_cert() wierdness

2000-09-08 Thread Nicolas Roumiantzeff
Thank you for your quick answer. I was indeed using an older version. I'll get a hand on 0.9.5a... Nicolas Roumiantzeff -Original Message- From: Dr S N Henson <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] <[EMAIL PROTECTED]> Date: Friday 8 September

Re: X509_verify_cert() wierdness

2000-09-08 Thread Nicolas Roumiantzeff
not bypass some security checking (I have tested that expired and not yet issued certificates checking are not bypassed but there might be things that I can't think of). Thank you... Nicolas Roumiantzeff P.S. David, if you have solved your problem, and if you are still hooked up on this list

Re: Piping into PEM pass phrase!!!

2000-08-01 Thread Nicolas Roumiantzeff
with unix. There might be simpler ways... Nicolas Roumiantzeff. -Original Message- From: Markus Wagner <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] <[EMAIL PROTECTED]> Date: Monday 31 July 2000 22:00 Subject: Piping into PEM pass phrase!!! >Hello, > >I am building

Re: automating genrsa a little bit more...

2000-02-08 Thread Nicolas Roumiantzeff
Under Windows you can use WriteConsole to specify the passphrase but it is a little intricate program (create a process, create a console, inherit the console, redirect standard input...) and I don't know if there are equivalent solutions for other systems. Nicolas Roumiantzeff. >Norber

Re: Browsers don't like my certificates?

2000-02-03 Thread Nicolas Roumiantzeff
>Anybody? This worked three months ago Sounds like one of the certificates in the chain expired. Nicolas Roumiantzeff. -Original Message- From: Garrett Wollman <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] <[EMAIL PROTECTED]> Date: Wednesday 2 February 2000 22:53

Re: CApath argument and Hash function

2000-01-27 Thread Nicolas Roumiantzeff
r example. Nicolas Roumiantzeff. __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]

Re: Seeking officers for Free-software-friendly CA

2000-01-11 Thread Nicolas Roumiantzeff
enough in IE itself ;-) Subscribe to the Microsoft Product Security Notification Service and you will get an average of one bulletin with a new security issue every other week! http://www.microsoft.com/security/services/bulletin.asp?ID=8&Parent=2 Is the ActiveX you mentioned marked as safe

Re: Seeking officers for Free-software-friendly CA

2000-01-07 Thread Nicolas Roumiantzeff
difference between installing a CA cert through a secured SSL connection and through an unsecured connection. 2) And most important, with the ActiveX and Plug-in/SmartUpdate scheme, you can automatically detect if the CA cert has already been installed or not. Nicolas Roumiantzeff. Note: re-reading Pete

Re: Seeking officers for Free-software-friendly CA

2000-01-05 Thread Nicolas Roumiantzeff
browser (this includes trusting Netscape or Microsoft and the way he got it) - Verisign (or another pre-installed CA) - the new CA Maybe you could elaborate... Nicolas Roumiantzeff. Note: in the meantime I popped a message from Pete Chown describing an analog (same?) solution on th

Re: Seeking officers for Free-software-friendly CA

2000-01-04 Thread Nicolas Roumiantzeff
t in using Verisign certificate instead of a self generated certificate anyway. And for e-mail certificate, a web-of-trust à-la PGP is better than a Verisign user ID from my point of view (an e-mail address can be easily spoofed I believe). Nicolas Roumiantzeff. -Original Message- From

Re: Non-blocking I/O help

1999-12-20 Thread Nicolas Roumiantzeff
beginning of the SSL handshake instead of continuing from the point it previously failed. But maybe I didn't understand how to do it right or maybe this problem has been solved in the latest OpenSSL release. Nicolas Roumiantzeff. -Original Message- From: Bodo Moeller <[EMAIL

Re: RSA Security and Red Hat, Inc. Sign Licensing Agreement

1999-11-30 Thread Nicolas Roumiantzeff
Does anybody know why both IE and Netscape browser implement exclusively RSA certificates? My feeling is that Microsoft and Netscape both made a deal with RSA Security to get a "low" price RSA license at the condition of not implementing DSA. Nicolas Roumiantzeff. -Message d'

Re: OpenSSL usage liability.

1999-11-26 Thread Nicolas Roumiantzeff
OpenSSL after all? Nicolas Roumiantzeff. -Original Message- From: Claudio M. Horvilleur Mtz. <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] <[EMAIL PROTECTED]> Date: Friday 26 November 1999 04:15 Subject: Re: OpenSSL usage liability. >Not exactly right, the US are changing

Re: Good Algorithm

1999-11-25 Thread Nicolas Roumiantzeff
Thank you Bodo. So is there any reason why the combination DH_DSS_RC4 is not available among the SSL cipher suites? It seems like DSS is always associated with DES, never RC4. Nicolas Roumiantzeff. -Original Message- From: Bodo Moeller <[EMAIL PROTECTED]> To: [EMAIL PROTECT

Re: Question about Browser Authenticity

1999-11-17 Thread Nicolas Roumiantzeff
JAR file for Netscape. >But both don't solve the bootstrap problem: >How do you get secure system you can start from ? Of course. Nicolas Roumiantzeff.

Re: Compiling OpenSSL without 3DES

1999-11-16 Thread Nicolas Roumiantzeff
At last I said something that is not totally stupid after all ;-) Good night Ben... Nicolas -Original Message- From: Ben Laurie <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] <[EMAIL PROTECTED]> Date: Tuesday 16 November 1999 18:30 Subject: Re: Compiling OpenSSL withou

Re: Question about Browser Authenticity

1999-11-16 Thread Nicolas Roumiantzeff
Downloading each new browser version using HTTPS (with the previous release) would be advisable. Nicolas Roumiantzeff. -Original Message- From: Harry Whitehouse <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] <[EMAIL PROTECTED]> Date: Tuesday 16 November 1999 06:34 Subject

Re: Compiling OpenSSL without 3DES

1999-11-16 Thread Nicolas Roumiantzeff
inds the specification to be of technical interest and completely specified." -------- Nicolas Roumiantzeff. PS: by any chance, Bruno, have you been through the ENTPE? (nothing to do with a new crypto algorithm;-)

Re: Compiling OpenSSL without 3DES

1999-11-15 Thread Nicolas Roumiantzeff
Could you describe this "meet-in-the-middle" attack on the 3-DES? Nicolas Roumiantzeff. -Original Message- From: Ben Laurie <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] <[EMAIL PROTECTED]> Date: Friday 12 November 1999 20:13 Subject: Re: Compiling Open

Re: Compiling OpenSSL without 3DES

1999-11-15 Thread Nicolas Roumiantzeff
But for the French authorities you would have to prove that DES is a group. Besides, the 3-DES implementation used in SSL is not exactly a composition of 3 DES functions (the initial and final steps of the DES algorithm are done only once instead of 3 times). Nicolas Roumiantzeff. >And whethe

Re: Compiling OpenSSL without 3DES

1999-11-12 Thread Nicolas Roumiantzeff
slightly different from the typical Triple DES and uses 3 different keys of 8 bytes each (56 bits effective) for a total effective key length of 168 bits. Nicolas Roumiantzeff. -Original Message- From: Ben Laurie <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>

Re: OpenSSL usage liability.

1999-01-17 Thread Nicolas Roumiantzeff
>US is far away from OpenSSL, and will probably remain that way for >some time, unless the US export law changes radically. You mean next month (Dec 15, 1999). Nicolas Roumiantzeff.

Re: OpenSSL and Mac OS and export fun

1999-01-17 Thread Nicolas Roumiantzeff
128-bit rot13 is would not be allowed. They seem >preoccupied with bits. You seem to mean that 3DES is not harder to crack than any 56-bit encryption. I know that DES cipher texts have been cracked but do you have example where 3DES was crac