Displaying 20 results from an estimated 189 matches for "stapl".
Did you mean:
stall
2016 Mar 03
4
Implementation of TLS OCSP Stapling
Hi all,
About a year ago, Torsten already asked for OCSP stapling
(http://dovecot.org/pipermail/dovecot/2015-April/100632.html).
Unfortunately, there was no answer to his question.
Now RFC 7633 ("TLS Feature Extension",
https://tools.ietf.org/html/rfc7633, a.k.a. "Must Staple") has landed,
revocation is getting serious! I personally would...
2016 Mar 03
2
Implementation of TLS OCSP Stapling
...refox code base.
> Thunderbird definitely does validate certificates via OCSP, enabled by default and I've run into that the hard way a couple of times wrt StartSSL having issues with their responder. This isn't hypothetical, guys....
OCSP status querying isn't the same as verifying stapled OCSP responses
though. Can't find Thunderbird's support for stapling unfortunately..
2018 May 01
2
OCSP Stapling and Certificate Transparency
Hi,
For CAs that do not include a signed certificate timestamp in their newly-issued certificates, does Dovecot support either OCSP stapling or the Certificate Transparency TLS extension?
If the TLS extension is supported, how does the admin configure the timestamp for each certificate?
I?m wondering if any MUAs will follow Google?s lead and insist on CT.
Thank you!
-Felipe Gasper
Mississauga, Ontario
2018 Oct 31
1
OCSP Stapling and Certificate Transparency
...19:03 Felipe Gasper < felipe at felipegasper.com
>> <mailto:felipe at felipegasper.com>> wrote:
>>
>>
>> Hi,
>>
>> For CAs that do not include a signed certificate timestamp in their
>> newly-issued certificates, does Dovecot support either OCSP stapling
>> or the Certificate Transparency TLS extension?
>>
>> If the TLS extension is supported, how does the admin configure the
>> timestamp for each certificate?
>>
>> I?m wondering if any MUAs will follow Google?s lead and insist on CT.
>>
>> Thank y...
2016 Mar 03
3
Implementation of TLS OCSP Stapling
On 03-03-16 13:04, A. Schulze wrote:
>
> dovecot:
>
>> So I would like to know if Dovecot is planning to feature OCSP stapling.
>> That way I know for sure my "must staple" certificates can be used by
>> Dovecot. And in my opinion, every TLS offering daemon should be up to
>> par to the capabilities of TLS.. Not lag behind :)
>>
>> What's your opinion on this matter?
>
>...
2016 Mar 03
2
Implementation of TLS OCSP Stapling
Op 3-3-2016 om 13:04 schreef A. Schulze:
>
> dovecot:
>
>> So I would like to know if Dovecot is planning to feature OCSP stapling.
>> That way I know for sure my "must staple" certificates can be used by
>> Dovecot. And in my opinion, every TLS offering daemon should be up to
>> par to the capabilities of TLS.. Not lag behind :)
>>
>> What's your opinion on this matter?
>
>...
2018 May 01
0
OCSP Stapling and Certificate Transparency
...r>
</div>
<div>
<br>
</div>
<div>
Hi,
</div>
<div>
<br>
</div>
<div>
For CAs that do not include a signed certificate timestamp in their newly-issued certificates, does Dovecot support either OCSP stapling or the Certificate Transparency TLS extension?
</div>
<div>
<br>
</div>
<div>
If the TLS extension is supported, how does the admin configure the timestamp for each certificate?
</div>
<div>
<br>
</div>
<...
2004 Nov 20
1
how to suppress whiskers in a bwplot?
...X > up.w]
X <- c(up.w, q, lo.w)
median.value <- list(x = X[3], y = Y)
Box <- list(x1 = X[c(2, 4, 4, 2)], y1 = Y + c( - w,
- w, w, w), x2 = X[c(4, 4, 2, 2)], y2 = Y +
c( - w, w, w, - w))
e <- par("cxy")[1]
e.l <- min(e, (X[4] - X[5])/2)
# prevent lower staple ends from touching box
e.u <- min(e, (X[1] - X[2])/2)
# prevent upper staple ends from touching box
staple.ends <- list(x1 = rep(c(X[5], max(X[1] - e.u,
X[2])), 2), y1 = c(rep(Y - w, 2), rep(Y + w,
2)), x2 = rep(c(min(X[5] + e.l, X[4]), X[1]),
2), y2 = c(rep(Y - w, 2), rep(Y +...
2016 Jun 17
2
https and self signed
...wrote:
>>>
>>> I don't think OCSP is critical for free certificates suitable for
>>> small businesses and personal sites.
>>>
>> this is philosophy;
>>
>> I'd say when you do it then do it good, else don't do it;
>
> Then OCSP stapling is the way to go but it could be a real PITA to
> setup for the first time and may not be supported by older browsers
> anyway.
>
not really, because the same server tells the client that the SSL
certificate is good, as the SSL certificate itself;
these must be independent;
Walter
2015 Apr 26
0
TLS OCSP Stapling
Hi,
is there a plan to support TLS OCSP stapling in the near future?
Regards Torsten
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20150426/c30801b6/atta...
2000 May 18
0
Control of box and staple width in boxplot()
I''d like to make the following changes (differences are from R1.0.1):
boxplot.default()
1c1
< function (x, ..., range = 1.5, width = NULL, varwidth = FALSE,
---
> function (x, ..., range = 1.5, width = NULL, varwidth = FALSE,
boxwex=0.8,
37c37,38
< bxp(groups, width, varwidth = varwidth, notch = notch,
---
> bxp(groups, width, varwidth = varwidth,
2007 Apr 10
2
where is xorg-x11-libs-6.8.2-1.EL.13.37.7.i386?
...6.rpm in the CentOS4
x86_64 updates repo. It is listed in the security announcement:
http://lists.centos.org/pipermail/centos-announce/2007-April/013658.html
I see the 4 other i386 packages there: devel, deprecated-libs,
Mesa-libGL, and Mesa-libGLU. Just the libs package is missing.
--
Garrick Staples, GNU/Linux HPCC SysAdmin
University of Southern California
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.centos.org/pipermail/centos/attachments/20070409/3...
2016 Jun 17
2
https and self signed
On 17.06.2016 19:57, ????????? ???????? wrote:
>>> Then OCSP stapling is the way to go but it could be a real PITA to
>>> setup for the first time and may not be supported by older browsers
>>> anyway.
>>>
>> not really, because the same server tells the client that the SSL
>> certificate is good, as the SSL certificate its...
2005 Jun 20
8
New Forum
How do people feel about eliminating the list serv in favor of the forum?
Or limiting the list serv to news?
I have one vendor I work with that has a knowledgebase, a forum, and two
mailing lists - with much overlap of topics. It is truly enough to drive
you totally crazy.
I'm not suggesting anything. Just bringing it up.
Geoff
2003 May 12
1
plot.ranef.lme (PR#2986)
...aPattern = ~!is.na(conc))
phe.ranef <- ranef(phe1,augFrame=TRUE)
plot(phe.ranef, form=lCl~Wt+ApgarInd)
[Error in max(length(x0), length(x1), length(y0), length(y1)) :
Argument "x0" is missing, with no default]
The cause is plain to see: in plot.ranef.lme we have
staple.ends <- list(x1 = c(rep(X - w, 2), rep(X +
w, 2)), y1 = rep(c(Y[5], max(Y[1] - e.u, Y[2])),
2), x2 = c(rep(X - w, 2), rep(X + w, 2)), y2 = rep(c(min(Y[5] + e.l, Y[4]), Y[1]), 2))
. . . .
do.call("lsegments&qu...
2007 Apr 25
3
URGENT: Skip installation ix86 packages from kickstart on 64bit arch?
Hi,
Has any one know how to skip ix86 packages from
installation in Centos kickstart? Most of our machines
have 64bit Intel/AMD CPUs, and it make non-sense to
still keep 32bit compatibility. Even worse of i*86
packages is, when upgrade we have to recompile both
ix86 version and x86_64 version to get an automatic
yum upgrade.
I know we could use 'exclude' option to exclude i*86
packages
2005 Jul 12
3
Unable to call certain 800 numbers through Teliax
We are unable to call certain 800 numbers through Teliax but I thought I
would post this here and see if anyone else had the same problem with either
Teliax or other carriers.
The 800 numbers causing problems pick-up the call right away and are in the
US - American Airlines (8004337300) and Staples (800-378-2753) - we can call
many other 800 numbers just fine.
Our asterisk setup has a 4-port digium analog card as well as a Teliax
account, currently connected via IAX2. We are able to call the 800-numbers
above through the digium card but not through Teliax. We have also tried
calling the n...
2003 Feb 16
6
Default settings for print drivers
Hi. I've finally got Samba to serve up print drivers for the printers I serve.
However, I'm not able to set the default driver options.
This is what I'm doing (from a Win2k Pro box)
Start->Run
\\(samba server)
open Printers folder
right click printer, Properties
Device Settings tab
Configure e.g. default paper size
Click OK
Reopen Properties->Device Settings, and the old paper
2020 May 25
2
How to make IMAPS SSL Cert for Dovecot that works with Thunderbird
...On 5/25/20 11:49 AM, Aki Tuomi wrote:
> Hi!
>
> Can you do
>
> openssl x509 text -noout </etc/letsencrypt/live/...../fullchain.pem
>
> and check these things:
>
> your server hostname isn included in SubjectAlternativeNames, and that the cert hasn't got MUST-STAPLE attribute? You can see this by looking for 1.3.6.1.5.5.7.1.24
>
> Also, can you provide output of
>
> openssl s_client -connect host:993 -trace
>
> Aki
>
>> On 25/05/2020 18:46 hanasaki at gmail.com <hanasaki at gmail.com> wrote:
>>
>>
>> H...
2016 Jun 17
0
https and self signed
>> Then OCSP stapling is the way to go but it could be a real PITA to
>> setup for the first time and may not be supported by older browsers
>> anyway.
>>
> not really, because the same server tells the client that the SSL
> certificate is good, as the SSL certificate itself;
> these mus...