Hi Oliver--
Sorry it's taken me a while to process this message -- i've been very
bad at dealing with a large backlog :(
I haven't thought through the bigger picture of whether this mixture of
WebID and OpenPGP is a good idea or not, but let me address the
technical angle first.
On 08/28/2013 05
Package: wnpp
Severity: wishlist
Owner: David Prévot
* Package name: google-api-php-client
Version : 0.6.6
* URL : http://code.google.com/p/google-api-php-client/
* License : Apache-2.0
Programming Lang: PHP
Description : Google APIs client library for PH
On Fri, Sep 13, 2013 at 11:31:38PM +0200, Paul Wise wrote:
> On Fri, Sep 13, 2013 at 10:51 PM, Kurt Roeckx wrote:
>
> > A self-signed cert's signature algorithm really isn't that
> > important. You either trust that cert or you don't.
>
> Surely this work would apply to self-signed certs too?
>
On Fri, Sep 13, 2013 at 10:51:06PM +0200, Kurt Roeckx wrote:
> I think gnutls by default has a minimum size of 727 for the DH
> size while openssl doesn't have any check for this. But if you're
> using DH you really want to move to something like 2048 if
> possible.
This prime size is pretty irre
On Fri, Sep 13, 2013 at 10:51 PM, Kurt Roeckx wrote:
> A self-signed cert's signature algorithm really isn't that
> important. You either trust that cert or you don't.
Surely this work would apply to self-signed certs too?
http://www.win.tue.nl/hashclash/rogue-ca/
--
bye,
pabs
http://wiki.de
On Fri, Sep 13, 2013 at 10:51:06PM +0200, Kurt Roeckx wrote:
> > The problem in the referenced URI is that gnutls refuses to tolerate
> > a less secure DH key size. Here, gnutls refuses to tolerate a less
> > secure hash algorithm.
>
> I think gnutls by default has a minimum size of 727 for the D
On Fri, Sep 13, 2013 at 09:29:30AM -0400, James Cloos wrote:
>
> The root problem (pardon the pun) is that cacert's root certificate is
> signed with md5 and gnutls doesn't like that.
A self-signed cert's signature algorithm really isn't that
important. You either trust that cert or you don't.
Package: wnpp
Severity: wishlist
Owner: Oleg Gashev
* Package name: libdist-zilla-plugin-test-reportprereqs-perl
Version : 0.006
Upstream Author : David Golden
* URL :
https://metacpan.org/release/Dist-Zilla-Plugin-Test-ReportPrereqs
* License : Apache-2.0
Package: wnpp
Owner: gregor herrmann
Severity: wishlist
X-Debbugs-CC: debian-devel@lists.debian.org,debian-p...@lists.debian.org
* Package name: libcpan-mini-inject-perl
Version : 0.33
Upstream Author : Christian Walde
* URL : https://metacpan.org/release/CPAN-Mini-In
> "Md" == Marco d'Itri writes:
Md> Maybe it is related to this?
Md> http://www.postfix.org/announcements/postfix-2.10.2.html
It is related, but different.
The root problem (pardon the pun) is that cacert's root certificate is
signed with md5 and gnutls doesn't like that.
When I use gnutls
On Sep 12, Tollef Fog Heen wrote:
> 2013-09-12 02:35:44 TLS error on connection from ore.jhcloos.com
> [198.147.23.85] (gnutls_handshake): The signature algorithm is not supported.
Maybe it is related to this?
http://www.postfix.org/announcements/postfix-2.10.2.html
TLS Interoperability workar
Package: wnpp
Owner: Marius Gavrilescu
Severity: wishlist
X-Debbugs-CC: debian-devel@lists.debian.org,debian-p...@lists.debian.org
* Package name: libtransmission-client-perl
Version : 0.0802
Upstream Author : Jan Henning Thorsen
* URL : https://metacpan.org/release/T
This one time, at band camp, James Cloos said:
> I'll try to trigger it on a cloud server with debugging turned up and
> get a more detailed debug log.
>
> Which release does buxtehude run? Wheezy?
Yes. Can we have a copy of your public cert to see if we can see
anything?
Cheers,
--
---
13 matches
Mail list logo
