similar to: Source code patch (for 6.6p1) adding support for Brainpool Elliptic Curves

<!doctype html> <html> <head> <meta charset="UTF-8"> </head> <body> <div> <br> </div> <blockquote type="cite"> <div> On 30 July 2018 at 21:00 ѽ҉ᶬḳ℠ < <a href="mailto:vtol@gmx.net">vtol@gmx.net</a>> wrote: </div> <div> <br>

> I did some local testing and it seems that you are using a curve that is not acceptable for openssl as a server key. > > I tested with openssl s_server -cert ec-cert.pem -key ec-key.pem -port 5555 > > using cert generated with brainpool. Everything works if I use prime256v1 or secp521r1. This is a limitation in OpenSSL and not something we can really do anything about. > >

On 31.07.2018 03:32, ????? wrote: >> Perhaps for whose interested - IETF RFC 7027 specifies for TLS use: >> >> [ brainpoolP256r1 | brainpoolP384r1 | brainpoolP512r1 ] >> >> And thus t1 would not work anyway. However, having tested r1 the result >> was just the same. >> >> A tcpdump during the openssl test [ s_server | s_client ] then revealed

>>>> I did some local testing and it seems that you are using a curve >>>> that is not acceptable for openssl as a server key. >>>> I tested with openssl s_server -cert ec-cert.pem -key ec-key.pem >>>> -port 5555 >>>> using cert generated with brainpool. Everything works if I use >>>> prime256v1 or secp521r1. This is a

In the past 24 hours multiple persons have contacted me regarding the use of elliptic curve cryptography in tinc 1.1 in light of the suspicion that the NSA might have weakened algorithms and/or elliptic curves published by NIST. The new protocol in tinc 1.1 (SPTPS) uses ECDH and ECDSA to do session key exchange and authentication, in such a way that it has the perfect forward secrecy (PFS)

In the past 24 hours multiple persons have contacted me regarding the use of elliptic curve cryptography in tinc 1.1 in light of the suspicion that the NSA might have weakened algorithms and/or elliptic curves published by NIST. The new protocol in tinc 1.1 (SPTPS) uses ECDH and ECDSA to do session key exchange and authentication, in such a way that it has the perfect forward secrecy (PFS)

> On 30 July 2018 at 20:37 ????? <vtol at gmx.net> wrote: > > > > >>>>>>> facing [ no shared cipher ] error with EC private keys. > >>>>>> the client connecting to your instance has to support ecdsa > >>>>>> > >>>>>> > >>>>> It does - Thunderbird 60.0b10 (64-bit) >

> >>> Perhaps for whose interested - IETF RFC 7027 specifies for TLS use: >>> >>> [ brainpoolP256r1 | brainpoolP384r1 | brainpoolP512r1 ] >>> >>> And thus t1 would not work anyway. However, having tested r1 the result >>> was just the same. >>> >>> A tcpdump during the openssl test [ s_server | s_client ] then revealed

On 31.07.2018 09:30, ????? wrote: >>>> Perhaps for whose interested - IETF RFC 7027 specifies for TLS use: >>>> >>>> [ brainpoolP256r1 | brainpoolP384r1 | brainpoolP512r1 ] >>>> >>>> And thus t1 would not work anyway. However, having tested r1 the result >>>> was just the same. >>>> >>>> A tcpdump

> Perhaps for whose interested - IETF RFC 7027 specifies for TLS use: > > [ brainpoolP256r1 | brainpoolP384r1 | brainpoolP512r1 ] > > And thus t1 would not work anyway. However, having tested r1 the result > was just the same. > > A tcpdump during the openssl test [ s_server | s_client ] then revealed > (TLSv1.2 Record Layer: Handshake Protocol: Client Hello) : > >

>> >>> I did some local testing and it seems that you are using a curve >>> that is not acceptable for openssl as a server key. >>> I tested with openssl s_server -cert ec-cert.pem -key ec-key.pem >>> -port 5555 >>> using cert generated with brainpool. Everything works if I use >>> prime256v1 or secp521r1. This is a limitation in OpenSSL

Hi List I'm thinking of putting together some R functionality (maybe a package) of elliptic functions. An elliptic function is one that is doubly periodic on the complex plane and I think they are cool. One objective of mine is to reproduce Abramowitz and Stegun's beautiful diagram on p643 (figure 18.5). The gsl package does sn, cn, dn et seq, but before I put a huge amount of

Hi, Is there nice way to put back EC encryption on Centos? RHEL disabled it due "patent issues", but is third party providing packages to EC enabled packages to centos ? -- Eero

Hi, I've noticed that Dovecot is using per default the elliptic curve sect571r1. Because not all clients might support sect571r1, I would like to set the elliptic curve manually. Is that possible? -Ihsan -- ihsan at dogan.ch http://blog.dogan.ch/

Hi I recently uploaded package "elliptic" to CRAN. From the DESCRIPTION file, it is: A suite of elliptic and related functions including Weierstrass and Jacobi forms. Also includes various tools for manipulating and visualizing complex functions. enjoy rksh -- Robin Hankin Uncertainty Analyst National Oceanography Centre,

Hi I recently uploaded package "elliptic" to CRAN. From the DESCRIPTION file, it is: A suite of elliptic and related functions including Weierstrass and Jacobi forms. Also includes various tools for manipulating and visualizing complex functions. enjoy rksh -- Robin Hankin Uncertainty Analyst National Oceanography Centre,

Hi everybody, I run two redundant Dovecot servers with a shared Maildir on a GlusterFS volume and a SQL authentication backend based on a mirrored MariaDB database. Because of the splitbrain situation I would like to add two Dovecot Director as proxies. Since a few days I am trying to get the setup running. In the meantime I have achieved that the clients can successfully authenticate on the

Hi there! I'm stuck with a problem aligning financial timeseries and haven't found a cue how to fix it... When I run that simple script, everything goes well until the "align"-command: ------ rm(list=ls()) x <- yahooSeries("^GDAXI") head(x) xAligned <- align(x = x, by = "1d", method = "before", include.weekends = FALSE) ------ Here's

The in-kernel nfsroot code is obsoleted by kinit. Remove it; it causes conflicts. Signed-off-by: H. Peter Anvin <hpa at zytor.com> --- commit 161e1dc16ec1129b30b634a2a8dcbbd1937800c5 tree c30da837d746fe65d8a13ccf6f27bd381948edb4 parent 018604e070e143657abcf0cb256a1e2dda205d97 author H. Peter Anvin <hpa at zytor.com> Sat, 20 May 2006 16:24:05 -0700 committer H. Peter Anvin <hpa at

Hello, I have a question concerning the performance of rsync beteen two sites, one in India one in Germany. File exchange between 2 Linux-machines is done using rsync-3.0.5 (typical file size 1.5 GB). Destination machine is: Linux machine1 2.6.9-55.0.9.ELsmp #1 SMP Tue Sep 25 02:16:15 EDT 2007 x86_64 x86_64 x86_64 GNU/Linux Source machine is: Linux machine2 2.6.18-53.el5 #1 SMP Wed Oct 10