search for: fitzner

Displaying 13 results from an estimated 13 matches for "fitzner".

2018 Dec 19
1
How to configure Dovecot to disable NIST's curves and still rertain EECDH?
...Enc=AESGCM(128) Mac=AEAD 0x00,0x3C - AES128-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA256 Is there a better way to do this? Is there a way to disable only the suspect NIST curves and still retain EECDH but with side-channel safe curves like X25519? Thanks, Kurt Fitzner Links: ------ [1] https://blog.cr.yp.to/20140323-ecdsa.html -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://dovecot.org/pipermail/dovecot/attachments/20181218/59c56547/attachment.html>
2016 Aug 23
4
Sub addressing delimiters
...ly have delimiters. I am wondering what the odds are of reconciling the two approaches, hopefully in favour of the Postfix one. Failing a switch to the other behaviour, is it possible to add the Postfix method as an option? Would a patch for either of these be accepted? Thanks, Kurt Fitzner
2024 Sep 23
1
diffie-hellman-group-exchange-sha256 group size concerns and request
Hello, On Sun, Sep 22, 2024 at 10:15?AM Kurt Fitzner via openssh-unix-dev <openssh-unix-dev at mindrot.org> wrote: > > I would like to advocate for: > > - Change behaviour of the server to allow server operators to set the > minimum modulus group size allowable for a connection using > diffie-hellman-group-exchange-sha256 &gt...
2024 Sep 21
1
diffie-hellman-group-exchange-sha256 group size concerns and request
...odernize DH_GRP_MAX to >= 16384. The current value is based on pre-quantum recommendations (and it is stated only as a recommendation) in an 18-year-old RFC (4416) - Modernize the client to allow explicit setting of its MIN, REQUESTED, and MAX group sizes For your consideration. Kurt Fitzner
2017 Sep 08
2
Automatic DB password hash scheme selection
Hi all, Is there a way to get dovecot to recognize arbitrary password hash schemes when looking up a password in a database? I originally set up with #default_pass_scheme = MD5, and I would like to migrate to SHA512. Seeing as the scheme is actually stored in the password column along with the password in the format $_<scheme#>_$_<salt>_$_<passwordhash>_, it seems to me that
2017 Sep 08
0
Automatic DB password hash scheme selection
On 08.09.2017 06:16, Kurt Fitzner wrote: > > > Hi all, > > Is there a way to get dovecot to recognize arbitrary password hash > schemes when looking up a password in a database? I originally set up > with #default_pass_scheme = MD5, and I would like to migrate to SHA512. > > Seeing as the scheme is ac...
2004 Apr 13
1
EXT3 on raid with external journal...
I have a raid5 array on my web server for which I am currently considering a move to ext3. I want to use an external journal to improve performance. Since the external journal would reside on a drive that is not participating in the raid array, I'm wondering what the behavior of an ext3 filesystem is should the device an external journal is on should fail. If it reverts to ext2
2004 Apr 13
2
logging disk activity
Hi all, I would like to know how often a writes happen on ext3 fs. Is there any way to find this out? Thanks Rahul
2005 Jul 18
0
GPGee (GnuPG Explorer Extension) version 1.1.1 released
...lable from http://gpgee.excelcia.org For those that aren''t familliar with GPGee, it is a GnuPG Explorer Extension for Windows. It adds GnuPG sign/encrypt/verify/decrypt support to the Windows explorer right-click context menu. See the web site above for a fuller list of features. Kurt Fitzner [reposted by moderator]
2020 Jun 15
1
Can't play from iPhone
I am having a terrible time getting an iPhone to connect to my stream. I am trying to connect through just a normal web browser (Safari) to my icecast 2.4.4 server. When I connect to the web page, the iphone doesn't see the <audio> tag on the stream. I think safari doesn't recognize application/ogg as a mime type, which is what icecast 2.4.4's web server puts on it. When I
2018 Dec 19
1
How to configure Dovecot to disable NIST's curves and still rertain EECDH?
My opinion is that security by RFC is not security, it's mommy medicine. Standards have had a terrible time keeping up with security realities. NITS's curves leak side channel information all over the place. I don't have details on what implementations are set to calculate the NIST curves in constant time, and that's not an easy feat to do anyway so I don't want to depend
2000 Aug 06
1
problems compiling sshd on slackware 7.x
Hi, I tried to compile openssh-2.1.1p4 on a slackware 7.1 (and then on a slackware 7.0). you need to supply -lcrypt because otherwise auth-passwd.c line 135 calls the wrong crypt and sshd will never let you log in. (took a while to figure that out.) I tried './configure --with-libs crypt' but configure doesn't seem to understand me ;) checking host system type... Invalid
2005 Sep 06
0
GnuPG Explorer Extension (GPGee) version 1.2.0 released
Version 1.2.0 of GPGee has been released - head to the homepage at http://gpgee.excelcia.org to download it. New features include: - Support for creating signatures with more than one key at once. - Support for verifying multi-signed documents. - Automated new version checking (this was actually added in 1.1.3 but that version was unannounced) - Can automatically change the status of source