search for: p256

...Trivial benchmark: time ssh -c chacha20-poly1305 at openssh.com -S none -o Compression=no \ localhost 'dd if=/dev/zero bs=100000 count=10000' >/dev/null (comparing "user time" only) openssh: 7.9p1, self-compiled, based on upstream package from debian/unstable, hostkey - ecdsa/p256, pubkey auth key - ecdh/p256 Machine: pretty old amd k8 (w/ SSE2, but no SSSE3/AVX/AESNI) OS: linux/debian/stretch, openssl 1.1.0j-1deb9u1 i386: speed: +8% amd64: speed: +10% Machine: raspberry pi 3b+ (BCM2837B0, 4-core Cortex-A53 @1.4GHz) OS: raspbian/stretch baseline: armhf/raspbian: unpatched...

I don't know how to get both RSA and ECC cert from letsencrypt. Aki > On 30 July 2018 at 20:43 David Mehler <dave.mehler at gmail.com> wrote: > > > Hello, > > What acme implementation do you use for your letsencrypt certificates? > If it's acme.sh how do you get both rsa and ecc certificates? What > configuration options are you using in your

...ne -o Compression=no > > \ > > localhost 'dd if=/dev/zero bs=100000 count=10000' >/dev/null > > (comparing "user time" only) > > > > openssh: 7.9p1, self-compiled, based on upstream package from > > debian/unstable, > > hostkey - ecdsa/p256, pubkey auth key - ecdh/p256 > > > > Machine: pretty old amd k8 (w/ SSE2, but no SSSE3/AVX/AESNI) > > OS: linux/debian/stretch, openssl 1.1.0j-1deb9u1 > > i386: speed: +8% > > amd64: speed: +10% > > > > Machine: raspberry pi 3b+ (BCM2837B0, 4-core Cortex-...

...who can sell me a smartcard that supports it. They certainly exist - AFAIK it's required by the US PIV standard, but obtaining cards that support it in single digit quantities seems all but impossible. Can anybody on this list help? I'd want 2-6 cards/tokens that support ECDSA in the NIST p256 curve and ideally RSA and DSA too. Cheers, Damien

Hello, I have discovered what I believe is the issue after hearing back from Aquamail. And that is that android 7 which I'm running 7.0 that is, only supports up to the p256 ecc curve. This brings up a question to users of letsencrypt, when you revoke a certificate does it take it out on the usage as well? I've got one domain that says i've issued to many certificates for it and no more can be issued, thought I was using the staging server. I'd like to get...

...ong term for the benefit of controlling the certificate handling/signing, depending on the CA scale. > Hello, > > I have discovered what I believe is the issue after hearing back from > Aquamail. And that is that android 7 which I'm running 7.0 that is, > only supports up to the p256 ecc curve. This brings up a question to > users of letsencrypt, when you revoke a certificate does it take it > out on the usage as well? I've got one domain that says i've issued to > many certificates for it and no more can be issued, thought I was > using the staging server....

See attached: (1) patch against 7.9p1, tested with openssl 1.1.0j and openssl 1.1.1a on linux/i386; passes regression test and connects to unpatched sshd without problems; I hacked a bit regress/unittests/kex, and benchmarked do_kex_with_key("curve25519-sha256 at libssh.org", KEY_ED25519, 256); Before: 0.3295s per call After: 0.2183s per call That is, 50% speedup; assuming

On Mon, 13 Aug 2018, Blumenthal, Uri - 0553 - MITLL wrote: > Lack of time on the Open Source projects is understandable, and not uncommon. > > However, PKCS11 has been in the codebase practically forever - the ECC > patches that I saw did not alter the API or such. It is especially > non-invasive when digital signature is concerned. > > Considering how long those patches have

...listbox: Fix mouse wheel scrolling for multi-column listboxes. user32/listbox: Fix mouse wheel scrolling for multi-column listboxes. Gijs Vermeulen (1): wine.inf: Update E. South America Standard Time. Hans Leidekker (5): bcrypt: Implement BCryptGenerate/FinalizeKeyPair for ECDH P256. bcrypt: Ignore the size parameter in BCRYPT_CHAINING_MODE setters. winhttp/tests: Fix some test failures. winhttp: Propagate request errors in request_wait. wininet/tests: Fix FTP test failures. Henri Verbeet (2): wined3d: Handle Windows 8.1 in wined3d_driver_info_in...

...e the safe SHA-2 hash algorithms. These have been supported since OpenSSH 7.2 and are already used by default if the client and server support them. * The ssh-ed25519 signature algorithm. It has been supported in OpenSSH since release 6.5. * The RFC5656 ECDSA algorithms: ecdsa-sha2-nistp256/384/521. These have been supported by OpenSSH since release 5.7. To check whether a server is using the weak ssh-rsa public key algorithm, for host authentication, try to connect to it after removing the ssh-rsa algorithm from ssh(1)'s allowed list: ssh -oHostKeyAlgorithms=-ssh-rsa use...

...e the safe SHA-2 hash algorithms. These have been supported since OpenSSH 7.2 and are already used by default if the client and server support them. * The ssh-ed25519 signature algorithm. It has been supported in OpenSSH since release 6.5. * The RFC5656 ECDSA algorithms: ecdsa-sha2-nistp256/384/521. These have been supported by OpenSSH since release 5.7. To check whether a server is using the weak ssh-rsa public key algorithm, for host authentication, try to connect to it after removing the ssh-rsa algorithm from ssh(1)'s allowed list: ssh -oHostKeyAlgorithms=-ssh-rsa use...

...e the safe SHA-2 hash algorithms. These have been supported since OpenSSH 7.2 and are already used by default if the client and server support them. * The ssh-ed25519 signature algorithm. It has been supported in OpenSSH since release 6.5. * The RFC5656 ECDSA algorithms: ecdsa-sha2-nistp256/384/521. These have been supported by OpenSSH since release 5.7. To check whether a server is using the weak ssh-rsa public key algorithm, for host authentication, try to connect to it after removing the ssh-rsa algorithm from ssh(1)'s allowed list: ssh -oHostKeyAlgorithms=-ssh-rsa use...

...2704 1Password 6.4.377 needs function bcrypt.dll.BCryptDeriveKeyPBKDF2 42734 NormalizeString (Unicode normalization) is not implemented 42911 Bayonetta: launches but screen stays black 44150 Alien vs Predator: Crash in DX11 Mode 45312 AC Syndicate needs bcrypt algorythm/functions (ECDH_P256, BCryptGenerateKeyPair, BCryptFinalizeKeyPair) 45473 Rogue Squadron 3D crashes on startup 45524 Add a futex-based implementation of condition variables 45570 League of Legends 8.12+ fails to start a game (anticheat engine, incorrect implementation of LdrInitializeThunk) 45820 Symantec E...

Hi, As of this morning, OpenSSH now has experimental U2F/FIDO support, with U2F being added as a new key type "sk-ecdsa-sha2-nistp256 at openssh.com" or "ecdsa-sk" for short (the "sk" stands for "security key"). If you're not familiar with U2F, this is an open standard for making inexpensive hardware security tokens. These are easily the cheapest way for users to get a hardware-backed keypa...

...e the safe SHA-2 hash algorithms. These have been supported since OpenSSH 7.2 and are already used by default if the client and server support them. * The ssh-ed25519 signature algorithm. It has been supported in OpenSSH since release 6.5. * The RFC5656 ECDSA algorithms: ecdsa-sha2-nistp256/384/521. These have been supported by OpenSSH since release 5.7. To check whether a server is using the weak ssh-rsa public key algorithm, for host authentication, try to connect to it after removing the ssh-rsa algorithm from ssh(1)'s allowed list: ssh -oHostBasedKeyTypes=-ssh-rsa use...