Re: ECDH-RSA key exchange support (rfc 4492)

2011-08-16 Thread Gaglia
On 08/16/2011 02:58 PM, Dr. Stephen Henson wrote: > Can you give me a more complete report? I detailed my situation in a previous recent thread ( Please help: OpenSSL + OpenVPN Elliptic Curves (SHA512, ECDSA, ECDH, Linux, Debian) ). Briefly: - I want to use ECDSA+SHA512 for OpenVPN authenticatio

Re: ECDH-RSA key exchange support (rfc 4492)

2011-08-16 Thread Dr. Stephen Henson
On Tue, Aug 16, 2011, Gaglia wrote: > On 08/14/2011 03:53 PM, Dr. Stephen Henson wrote: > > Should be fixed by this: > > > > http://cvs.openssl.org/chngview?cn=21247 > > Hi and thanks, it would solve all my problems too! Unfortunately, it > doesn't seem to work for me :( Can you give me a more

Re: ECDH-RSA key exchange support (rfc 4492)

2011-08-16 Thread Gaglia
On 08/14/2011 03:53 PM, Dr. Stephen Henson wrote: > Should be fixed by this: > > http://cvs.openssl.org/chngview?cn=21247 Hi and thanks, it would solve all my problems too! Unfortunately, it doesn't seem to work for me :(

Re: ECDH-RSA key exchange support (rfc 4492)

2011-08-14 Thread Dr. Stephen Henson
On Fri, Aug 12, 2011, Dave Thompson wrote: > > 1.0.0 allows any cert sig alg whose name includes "WithRSA". > > Adjacent in the code, 1.0.0 like 0.9.8 allows kECDH*e* only for cert > signed ECDSA+SHA1, though 1.0.0 otherwise handles ECDSA+SHA2family. > That probably needs a similar upgrade. >

Re: ECDH-RSA key exchange support (rfc 4492)

2011-08-14 Thread Gaglia
On 08/13/2011 04:28 AM, Dave Thompson wrote: > Adjacent in the code, 1.0.0 like 0.9.8 allows kECDH*e* only for cert > signed ECDSA+SHA1 Now, this is interesting. I have tried an OpenVPN setup using elliptic curves certificates generated with OpenSSL 1.0.0, and in fact I've found that I couldn't u

RE: ECDH-RSA key exchange support (rfc 4492)

2011-08-12 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of John Foley > Sent: Thursday, 11 August, 2011 15:10 > Is there a known bug with ECDH_RSA key exchange cipher suites in > 0.9.8r? For instance, using cipher suite ECDH-RSA-AES128-SHA > in 0.9.8r > does not work. But it does work in 1.0.0d. Thi

ECDH-RSA key exchange support (rfc 4492)

2011-08-12 Thread John Foley
Is there a known bug with ECDH_RSA key exchange cipher suites in 0.9.8r? For instance, using cipher suite ECDH-RSA-AES128-SHA in 0.9.8r does not work. But it does work in 1.0.0d. This is tested using the following command: ssltest -tls1 -cert servercert.pem -key serverkey.pem -cipher ECDH-RSA-A