Re: GOST in OPENSSL_BASE

2016-11-01 Thread Slawa Olhovchenkov
On Mon, Jul 18, 2016 at 12:39:46PM -0400, Jung-uk Kim wrote: > On 07/18/16 08:12 AM, Mathieu Arnold wrote: > > Hi, > > > > +--On 11 juillet 2016 22:56:00 +0300 Slawa Olhovchenkov > > wrote: > > | On Mon, Jul 11, 2016 at 03:00:39PM -0400, Jung-uk Kim wrote: > > |> > .if ( ${PORT_OPTIONS:MGOST} ||

Re: GOST in OPENSSL_BASE

2016-07-18 Thread Jung-uk Kim
On 07/18/16 08:12 AM, Mathieu Arnold wrote: > Hi, > > +--On 11 juillet 2016 22:56:00 +0300 Slawa Olhovchenkov > wrote: > | On Mon, Jul 11, 2016 at 03:00:39PM -0400, Jung-uk Kim wrote: > |> > .if ( ${PORT_OPTIONS:MGOST} || ${PORT_OPTIONS:MGOST_ASN1} ) && > |> > ${SSL_DEFAULT} == base BROKEN= OpenS

Re: GOST in OPENSSL_BASE

2016-07-18 Thread Mathieu Arnold
Hi, +--On 11 juillet 2016 22:56:00 +0300 Slawa Olhovchenkov wrote: | On Mon, Jul 11, 2016 at 03:00:39PM -0400, Jung-uk Kim wrote: |> > .if ( ${PORT_OPTIONS:MGOST} || ${PORT_OPTIONS:MGOST_ASN1} ) && |> > ${SSL_DEFAULT} == base BROKEN= OpenSSL from the base system does not |> > support GOST, add \

Re: GOST in OPENSSL_BASE

2016-07-12 Thread Kevin Oberman
On Tue, Jul 12, 2016 at 5:33 AM, Daniel Kalchev wrote: > > > On 12.07.2016 г., at 13:26, Franco Fichtner > wrote: > > > > > >> On 12 Jul 2016, at 11:59 AM, Daniel Kalchev wrote: > >> > >> It is trivial to play MITM with this protocol and in fact, there are > commercially available “solutions” f

Re: GOST in OPENSSL_BASE

2016-07-12 Thread Daniel Kalchev
> On 12.07.2016 г., at 13:26, Franco Fichtner wrote: > > >> On 12 Jul 2016, at 11:59 AM, Daniel Kalchev wrote: >> >> It is trivial to play MITM with this protocol and in fact, there are >> commercially available “solutions” for “securing one’s corporate network” >> that do exactly that. So

Re: GOST in OPENSSL_BASE

2016-07-12 Thread Andrey Chernov
On 12.07.2016 12:59, Daniel Kalchev wrote: > The standard HTTPS implementation is already sufficiently broken, with the > door wide open by the concept of “multiple CAs”. The protocol design is > flawed, as any CA can issue certificate for any site. Applications are > required to trust that cert

Re: GOST in OPENSSL_BASE

2016-07-12 Thread Franco Fichtner
> On 12 Jul 2016, at 11:59 AM, Daniel Kalchev wrote: > > It is trivial to play MITM with this protocol and in fact, there are > commercially available “solutions” for “securing one’s corporate network” > that do exactly that. Some believe this is with the knowledge and approval > of the corp

Re: GOST in OPENSSL_BASE

2016-07-12 Thread Franco Fichtner
> On 12 Jul 2016, at 11:59 AM, Daniel Kalchev wrote: > > It is trivial to play MITM with this protocol and in fact, there are > commercially available “solutions” for “securing one’s corporate network” > that do exactly that. Some believe this is with the knowledge and approval > of the corp

Re: GOST in OPENSSL_BASE

2016-07-12 Thread Daniel Kalchev
> On 12.07.2016 г., at 12:12, Matthew Seaman wrote: > > I'm also curious as to how far these regulations are supposed to extend. > Presumably traffic which is merely transiting Russian territory isn't > covered, at least in a practical sense. How about people from Russia > accessing foreign web

Re: GOST in OPENSSL_BASE

2016-07-12 Thread Andrey Chernov
On 12.07.2016 12:16, Andrey Chernov wrote: > On 12.07.2016 8:48, Kevin Oberman wrote: >> >> May be need file PR for dns/bind910? >> >> >> >> # grep -3 BROK /poudriere/ports/default/dns/bind910/Makefile >> >> .include <bsd.port.pre.mk> >> >> >> >> .if ( ${PORT_OPTIONS:

Re: GOST in OPENSSL_BASE

2016-07-12 Thread Andrey Chernov
On 12.07.2016 8:48, Kevin Oberman wrote: > >> May be need file PR for dns/bind910? > >> > >> # grep -3 BROK /poudriere/ports/default/dns/bind910/Makefile > >> .include <bsd.port.pre.mk> > >> > >> .if ( ${PORT_OPTIONS:MGOST} || ${PORT_OPTIONS:MGOST_ASN1} ) && > ${S

Re: GOST in OPENSSL_BASE

2016-07-12 Thread Matthew Seaman
On 07/12/16 06:48, Kevin Oberman wrote: > In case people are not aware of it, Russian law now requires ALL encrypted > traffic must either be accessible by the FSB or that the private keys must > be available to the FSB. I have always assumed that GOST has a hidden > vulnerability/backdoor that the

Re: GOST in OPENSSL_BASE

2016-07-12 Thread Kevin Oberman
On Mon, Jul 11, 2016 at 3:51 PM, Andrey Chernov wrote: > On 12.07.2016 1:44, Andrey Chernov wrote: > > On 11.07.2016 21:41, Slawa Olhovchenkov wrote: > >> On Mon, Jul 11, 2016 at 02:28:45PM -0400, Jung-uk Kim wrote: > >> > >>> On 07/10/16 10:10 AM, Andrey Chernov wrote: > On 10.07.2016 16:30

Re: GOST in OPENSSL_BASE

2016-07-11 Thread Andrey Chernov
On 12.07.2016 1:44, Andrey Chernov wrote: > On 11.07.2016 21:41, Slawa Olhovchenkov wrote: >> On Mon, Jul 11, 2016 at 02:28:45PM -0400, Jung-uk Kim wrote: >> >>> On 07/10/16 10:10 AM, Andrey Chernov wrote: On 10.07.2016 16:30, Slawa Olhovchenkov wrote: > I am surprised lack of support GOST

Re: GOST in OPENSSL_BASE

2016-07-11 Thread Andrey Chernov
On 11.07.2016 21:41, Slawa Olhovchenkov wrote: > On Mon, Jul 11, 2016 at 02:28:45PM -0400, Jung-uk Kim wrote: > >> On 07/10/16 10:10 AM, Andrey Chernov wrote: >>> On 10.07.2016 16:30, Slawa Olhovchenkov wrote: I am surprised lack of support GOST in openssl-base. Can be this enabled befor

Re: GOST in OPENSSL_BASE

2016-07-11 Thread Andrey Chernov
On 11.07.2016 23:13, Slawa Olhovchenkov wrote: > On Mon, Jul 11, 2016 at 07:48:44PM +0300, Andrey Chernov wrote: > >> On 11.07.2016 19:29, Slawa Olhovchenkov wrote: >>> On Mon, Jul 11, 2016 at 11:04:33AM -0500, Mark Felder wrote: >>> On Mon, Jul 11, 2016, at 05:29, Slawa Olhovchenko

Re: GOST in OPENSSL_BASE

2016-07-11 Thread Slawa Olhovchenkov
On Mon, Jul 11, 2016 at 07:48:44PM +0300, Andrey Chernov wrote: > On 11.07.2016 19:29, Slawa Olhovchenkov wrote: > > On Mon, Jul 11, 2016 at 11:04:33AM -0500, Mark Felder wrote: > > > >> > >> > >> On Mon, Jul 11, 2016, at 05:29, Slawa Olhovchenkov wrote: > >>> > >>> I.e. GOST will be available in

Re: GOST in OPENSSL_BASE

2016-07-11 Thread Slawa Olhovchenkov
On Mon, Jul 11, 2016 at 03:00:39PM -0400, Jung-uk Kim wrote: > On 07/11/16 02:41 PM, Slawa Olhovchenkov wrote: > > On Mon, Jul 11, 2016 at 02:28:45PM -0400, Jung-uk Kim wrote: > > > >> On 07/10/16 10:10 AM, Andrey Chernov wrote: > >>> On 10.07.2016 16:30, Slawa Olhovchenkov wrote: > I am sur

Re: GOST in OPENSSL_BASE

2016-07-11 Thread Jung-uk Kim
On 07/11/16 02:41 PM, Slawa Olhovchenkov wrote: > On Mon, Jul 11, 2016 at 02:28:45PM -0400, Jung-uk Kim wrote: > >> On 07/10/16 10:10 AM, Andrey Chernov wrote: >>> On 10.07.2016 16:30, Slawa Olhovchenkov wrote: I am surprised lack of support GOST in openssl-base. Can be this enabled befo

Re: GOST in OPENSSL_BASE

2016-07-11 Thread Slawa Olhovchenkov
On Mon, Jul 11, 2016 at 02:28:45PM -0400, Jung-uk Kim wrote: > On 07/10/16 10:10 AM, Andrey Chernov wrote: > > On 10.07.2016 16:30, Slawa Olhovchenkov wrote: > >> I am surprised lack of support GOST in openssl-base. > >> Can be this enabled before 11.0 released? > > > > AFAIK openssl maintainers

Re: GOST in OPENSSL_BASE

2016-07-11 Thread Jung-uk Kim
On 07/10/16 10:10 AM, Andrey Chernov wrote: > On 10.07.2016 16:30, Slawa Olhovchenkov wrote: >> I am surprised lack of support GOST in openssl-base. >> Can be this enabled before 11.0 released? > > AFAIK openssl maintainers says something like they can't support this > code and it will become rott

Re: GOST in OPENSSL_BASE

2016-07-11 Thread Jung-uk Kim
On 07/10/16 09:30 AM, Slawa Olhovchenkov wrote: > I am surprised lack of support GOST in openssl-base. > Can be this enabled before 11.0 released? It works for me, I think. The following change was all I need to enable the engine: --- /etc/ssl/openssl.cnf.orig +++ /etc/ssl/openssl.cnf @@ -13,6 +

Re: GOST in OPENSSL_BASE

2016-07-11 Thread Andrey Chernov
On 11.07.2016 19:29, Slawa Olhovchenkov wrote: > On Mon, Jul 11, 2016 at 11:04:33AM -0500, Mark Felder wrote: > >> >> >> On Mon, Jul 11, 2016, at 05:29, Slawa Olhovchenkov wrote: >>> >>> I.e. GOST will be available in openssl. >>> Under BSD-like license. >>> Can be this engine import in base syste

Re: GOST in OPENSSL_BASE

2016-07-11 Thread Kurt Jaeger
Hi! > > I.e. GOST will be available in openssl. > > Under BSD-like license. > > Can be this engine import in base system and enabled at time 1.1.0? > > And can be GOST enabled now? > I think the wrong question is being asked here. Instead we need to focus > on decoupling openssl from base so this

Re: GOST in OPENSSL_BASE

2016-07-11 Thread Mark Felder
On Mon, Jul 11, 2016, at 05:29, Slawa Olhovchenkov wrote: > > I.e. GOST will be available in openssl. > Under BSD-like license. > Can be this engine import in base system and enabled at time 1.1.0? > And can be GOST enabled now? > I think the wrong question is being asked here. Instead we need

Re: GOST in OPENSSL_BASE

2016-07-11 Thread Slawa Olhovchenkov
On Mon, Jul 11, 2016 at 11:04:33AM -0500, Mark Felder wrote: > > > On Mon, Jul 11, 2016, at 05:29, Slawa Olhovchenkov wrote: > > > > I.e. GOST will be available in openssl. > > Under BSD-like license. > > Can be this engine import in base system and enabled at time 1.1.0? > > And can be GOST en

Re: GOST in OPENSSL_BASE

2016-07-11 Thread Slawa Olhovchenkov
On Sun, Jul 10, 2016 at 06:28:04PM +0300, Andrey Chernov wrote: > On 10.07.2016 18:13, Andrey Chernov wrote: > > On 10.07.2016 18:12, Andrey Chernov wrote: > >> On 10.07.2016 18:01, Slawa Olhovchenkov wrote: > >>> On Sun, Jul 10, 2016 at 05:10:04PM +0300, Andrey Chernov wrote: > >>> > On 10.0

Re: GOST in OPENSSL_BASE

2016-07-10 Thread Andrey Chernov
On 10.07.2016 18:28, Andrey Chernov wrote: > On 10.07.2016 18:13, Andrey Chernov wrote: >> On 10.07.2016 18:12, Andrey Chernov wrote: >>> On 10.07.2016 18:01, Slawa Olhovchenkov wrote: On Sun, Jul 10, 2016 at 05:10:04PM +0300, Andrey Chernov wrote: > On 10.07.2016 16:30, Slawa Olhovch

Re: GOST in OPENSSL_BASE

2016-07-10 Thread Andrey Chernov
On 10.07.2016 18:13, Andrey Chernov wrote: > On 10.07.2016 18:12, Andrey Chernov wrote: >> On 10.07.2016 18:01, Slawa Olhovchenkov wrote: >>> On Sun, Jul 10, 2016 at 05:10:04PM +0300, Andrey Chernov wrote: >>> On 10.07.2016 16:30, Slawa Olhovchenkov wrote: > I am surprised lack of support

Re: GOST in OPENSSL_BASE

2016-07-10 Thread Andrey Chernov
On 10.07.2016 18:12, Andrey Chernov wrote: > On 10.07.2016 18:01, Slawa Olhovchenkov wrote: >> On Sun, Jul 10, 2016 at 05:10:04PM +0300, Andrey Chernov wrote: >> >>> On 10.07.2016 16:30, Slawa Olhovchenkov wrote: I am surprised lack of support GOST in openssl-base. Can be this enabled bef

Re: GOST in OPENSSL_BASE

2016-07-10 Thread Andrey Chernov
On 10.07.2016 18:01, Slawa Olhovchenkov wrote: > On Sun, Jul 10, 2016 at 05:10:04PM +0300, Andrey Chernov wrote: > >> On 10.07.2016 16:30, Slawa Olhovchenkov wrote: >>> I am surprised lack of support GOST in openssl-base. >>> Can be this enabled before 11.0 released? >> >> AFAIK openssl maintainer

Re: GOST in OPENSSL_BASE

2016-07-10 Thread Slawa Olhovchenkov
On Sun, Jul 10, 2016 at 05:10:04PM +0300, Andrey Chernov wrote: > On 10.07.2016 16:30, Slawa Olhovchenkov wrote: > > I am surprised lack of support GOST in openssl-base. > > Can be this enabled before 11.0 released? > > AFAIK openssl maintainers says something like they can't support this > code

Re: GOST in OPENSSL_BASE

2016-07-10 Thread Andrey Chernov
On 10.07.2016 16:30, Slawa Olhovchenkov wrote: > I am surprised lack of support GOST in openssl-base. > Can be this enabled before 11.0 released? AFAIK openssl maintainers says something like they can't support this code and it will become rotten shortly with new changes, so they drop it. ___

GOST in OPENSSL_BASE

2016-07-10 Thread Slawa Olhovchenkov
I am surprised lack of support GOST in openssl-base. Can be this enabled before 11.0 released? Subject: svn commit: r412619 - in head/dns: bind9-devel bind910 bind99 Author: mat Date: Wed Apr 6 13:53:09 2016 New Revision: 412619 URL: https://svnweb.freebsd.org/changeset/ports/412619 Log: Stop