Andrew Cooke <[EMAIL PROTECTED]> writes:
> > 1. The server's generation of its ephemeral DH key.
> > 2. The server's DSA signature.
> > 3. The client's generation of its ephemeral DH key.
[snip]
> I've dug out the nearest I can get to what made me think random numbers
> were critical for DH key ex
Nicolas Roumiantzeff wrote:
>
> Does anybody know why both IE and Netscape browser implement exclusively RSA
> certificates?
> My feeling is that Microsoft and Netscape both made a deal with RSA Security
> to get a "low" price RSA license at the condition of not implementing DSA.
As a matter of
EKR wrote:
> Andrew Cooke <[EMAIL PROTECTED]> writes:
> > EKR wrote:
> > > Andrew Cooke <[EMAIL PROTECTED]> writes:
> > > > Nicolas Roumiantzeff wrote:
> > > > > Does anybody know why both IE and Netscape browser implement exclusively RSA
> > > > > certificates?
> > > > I have no idea, but one r
>What does it take to make OpenSSL use a Chrysalis card?
It took us a few weeks. :) But then, we don't use the PKCS#11
API directly, but instead go through our own C++ classes.
US export regulations prevent me from offering any technical
assistance on what would be an export-controlled product. :
Andrew Cooke <[EMAIL PROTECTED]> writes:
> EKR wrote:
> > Andrew Cooke <[EMAIL PROTECTED]> writes:
> > > Nicolas Roumiantzeff wrote:
> > > > Does anybody know why both IE and Netscape browser implement exclusively RSA
> > > > certificates?
> > > I have no idea, but one reason might be the need fo
Rich Salz wrote:
> There is another option: use additional technology that has the proper
> licenses, such as hardware crypto devices.For example, we use OpenSSL
> but do all the RSA operations on a Chrysalis card.
What does it take to make OpenSSL use a Chrysalis card?
P.S. Found it at http
Andrew Cooke <[EMAIL PROTECTED]> writes:
> This isn't quite true - you can compile OpenSSL to be copyright free.
You mean without the patented algrorithms, presumably? (i.e., "patent
free" not "copyright free".) The code is still copyright, but the
copyright looks pretty liberal (and wouldn't
origine-
De : Andrew Cooke <[EMAIL PROTECTED]>
À : [EMAIL PROTECTED] <[EMAIL PROTECTED]>
Date : mardi 30 novembre 1999 17:21
Objet : Re: RSA Security and Red Hat, Inc. Sign Licensing Agreement
>This isn't quite true - you can compile OpenSSL to be copyright free.
>Howev
This isn't quite true - you can compile OpenSSL to be copyright free.
However, as far as I know (and my knowledge is a bit out-of-date, so
this may have changed), this then leaves SSL with cipher suites which
are not supported by the common browsers. So you can only write secure
applications tha
After about 2 weeks worth of research (talking to this list, RSA,
our lawyers, etc) I found that if your a company in the US, and you
want SSL to talk to IE or Netscape, you have to either:
- Break the law
or
- Buy a license from RSA (very expensive)
or
- Buy a commercial SSL implimentation
OK, so what is a distributor to do? ;-)
In short: Is it possible to build OpenSSL without and code that is
patent infringed, and still have it talk to Netscape and M$IE? What if I
did:
./Configure --prefix=/usr --openssldir=%{openssldir} linux-elf \
no-bf no-idea no-rc2 no-rc4 no-rc5 no-rsa
> "William" == William H Geiger <[EMAIL PROTECTED]> writes:
William> I am rather confused as to why Red Hat would go with a closed, proprietary
William> crypto library instead of going with OpenSSL, doesn't seem to be the Linux
William> way.
Because if they used OpenSSL, they could be sued f
Short answer no.
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Ben Laurie
> Sent: Saturday, November 13, 1999 8:29 AM
> To: [EMAIL PROTECTED]
> Subject: Re: RSA Security and Red Hat, Inc. Sign Licensing Agreement
>
&g
If RedHat does this - well - there is Suse, Debian, etc. Also we can go with
Apache/modssl and this is my prefered way
anyway... either that or twaite.
On Sat, 13 Nov 1999 15:32:18 -0600, William H. Geiger III wrote:
>In <[EMAIL PROTECTED]>, on 11/13/99
>
> at 10:47 AM, "Erik M. A. Klin
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sat, 13 Nov 1999, Ben Laurie wrote:
> "William H. Geiger III" wrote:
> > I am rather confused as to why Red Hat would go with a closed,
> > proprietary crypto library instead of going with OpenSSL, doesn't
> > seem to be the Linux way.
>
> Ah, bu
In <[EMAIL PROTECTED]>, on 11/13/99
at 10:47 AM, "Erik M. A. Kline" <[EMAIL PROTECTED]> said:
>> I am rather confused as to why Red Hat would go with a closed, proprietary
>> crypto library instead of going with OpenSSL, doesn't seem to be the Linux
>> way.
> I think there are stringe
On Sat, Nov 13, 1999 at 08:45:07AM -0600, William H. Geiger III wrote:
> Real-To: "William H. Geiger III" <[EMAIL PROTECTED]>
>
> In <[EMAIL PROTECTED]>, on 11/13/99
>at 12:19 PM, Richard Levitte - VMS Whacker <[EMAIL PROTECTED]>
> said:
>
> >gbroiles> It was my understanding that RHSS is
William H. Geiger III wrote:
>
>
> I am rather confused as to why Red Hat would go with a closed, proprietary
> crypto library instead of going with OpenSSL, doesn't seem to be the Linux
> way.
>
Probably because in the US if you want to use RSA then you don't have
any choice. Well at least un
18 matches
Mail list logo
