On 08/16/2011 02:58 PM, Dr. Stephen Henson wrote:
> Can you give me a more complete report?
I detailed my situation in a previous recent thread ( Please help:
OpenSSL + OpenVPN Elliptic Curves (SHA512, ECDSA, ECDH, Linux, Debian) ).
Briefly:
- I want to use ECDSA+SHA512 for OpenVPN authenticatio
On Tue, Aug 16, 2011, Gaglia wrote:
> On 08/14/2011 03:53 PM, Dr. Stephen Henson wrote:
> > Should be fixed by this:
> >
> > http://cvs.openssl.org/chngview?cn=21247
>
> Hi and thanks, it would solve all my problems too! Unfortunately, it
> doesn't seem to work for me :(
Can you give me a more
On 08/14/2011 03:53 PM, Dr. Stephen Henson wrote:
> Should be fixed by this:
>
> http://cvs.openssl.org/chngview?cn=21247
Hi and thanks, it would solve all my problems too! Unfortunately, it
doesn't seem to work for me :(
__
Open
On Fri, Aug 12, 2011, Dave Thompson wrote:
>
> 1.0.0 allows any cert sig alg whose name includes "WithRSA".
>
> Adjacent in the code, 1.0.0 like 0.9.8 allows kECDH*e* only for cert
> signed ECDSA+SHA1, though 1.0.0 otherwise handles ECDSA+SHA2family.
> That probably needs a similar upgrade.
>
On 08/13/2011 04:28 AM, Dave Thompson wrote:
> Adjacent in the code, 1.0.0 like 0.9.8 allows kECDH*e* only for cert
> signed ECDSA+SHA1
Now, this is interesting. I have tried an OpenVPN setup using elliptic
curves certificates generated with OpenSSL 1.0.0, and in fact I've found
that I couldn't u
> From: owner-openssl-us...@openssl.org On Behalf Of John Foley
> Sent: Thursday, 11 August, 2011 15:10
> Is there a known bug with ECDH_RSA key exchange cipher suites in
> 0.9.8r? For instance, using cipher suite ECDH-RSA-AES128-SHA
> in 0.9.8r
> does not work. But it does work in 1.0.0d. Thi
Is there a known bug with ECDH_RSA key exchange cipher suites in
0.9.8r? For instance, using cipher suite ECDH-RSA-AES128-SHA in 0.9.8r
does not work. But it does work in 1.0.0d. This is tested using the
following command:
ssltest -tls1 -cert servercert.pem -key serverkey.pem -cipher
ECDH-RSA-A
Hello list,
I've questions about how (temporary) RSA keys will be used in a SSL/TLS
handshake. I understand that DH key exchange is the preferred and standard way
to exchange the shared secret. Nevertheless
1) When will RSA key exchange be used? Is this a configuration of the server?
2) Ar
This helps a lot. Thanks for the clarification.
-Geoff
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Steve Marquess
Sent: Thursday, April 19, 2007 4:48 PM
To: openssl-users@openssl.org
Subject: Re: RSA Key exchange and FIPS compliance
Gatfield
Gatfield, Geoffrey wrote:
Hello,
We use OpenSSL for encryption within our application. I am now
enhancing our application to become FIPS compliant. The OpenSSL FIPS
Security Policy lists RSA key wrapping and key establishment as
non-approved. But the policy states that it is included when 80
> We use OpenSSL for encryption within our application.
> I am now enhancing our application to become FIPS compliant.
> The OpenSSL FIPS Security Policy lists RSA key wrapping and
> key establishment as non-approved. But the policy states that
> it is included when 80 to 150 bits of encryption st
Hello,
We use OpenSSL for encryption within our application. I am now enhancing
our application to become FIPS compliant. The OpenSSL FIPS Security
Policy lists RSA key wrapping and key establishment as non-approved. But
the policy states that it is included when 80 to 150 bits of encryption
stren
12 matches
Mail list logo