From nmav at hellug.gr Wed Nov 1 15:05:36 2000 From: nmav at hellug.gr (Nikos Mavroyanopoulos) Date: Wed, 1 Nov 2000 16:05:36 +0200 Subject: DHE_DSS Message-ID: <20001101160536.A8328@crystal.i-net.gr> I've just added some kind of support for DHE_* ciphersuites (without certificate checking). This means that we'll be able to talk to openssl server, that supports DHE_DSS. I'll send a follow-up when I manage to test it. -- Nikos Mavroyanopoulos mailto:nmav at hellug.gr From nmav at hellug.gr Mon Nov 6 00:28:20 2000 From: nmav at hellug.gr (Nikos Mavroyanopoulos) Date: Sun, 05 Nov 2000 15:28:20 -0800 Subject: certificate handling Message-ID: <3A05ED14.8060208@hellug.gr> I've just seen that: http://www.mindspring.com/~leerssen/certutil.html it seems that this is what we've searching for! I'll check it in a few days because I'm pretty stressed now. From nmav at hellug.gr Thu Nov 9 16:40:01 2000 From: nmav at hellug.gr (Nikos Mavroyanopoulos) Date: Thu, 9 Nov 2000 17:40:01 +0200 Subject: problems Message-ID: <20001109174001.A32078@crystal.i-net.gr> I've just corrected some problems we had in the PRF function, and in hmac. However we still have problems interoperating with openssl... The problem seems to be in encryption. We seem to encrypt different than openssl so what we send is decrypted into something strange... It seems that our encrypted data get xor'ed or something, since the pad bytes are the same but with an other value. Tarun have you seen the parser i've send? Is it of any use? I hadn't the time to check it. -- Nikos Mavroyanopoulos mailto:nmav at hellug.gr From nmav at hellug.gr Sun Nov 12 12:40:00 2000 From: nmav at hellug.gr (Nikos Mavroyanopoulos) Date: Sun, 12 Nov 2000 13:40:00 +0200 Subject: great news Message-ID: <20001112134000.A12043@crystal.i-net.gr> The latest cvs version's client can talk to an openssl tls1 server. It seems to work fine now... except of certificates - of course. -- Nikos Mavroyanopoulos mailto:nmav at hellug.gr From wk at gnupg.org Sun Nov 12 15:06:47 2000 From: wk at gnupg.org (Werner Koch) Date: Sun, 12 Nov 2000 15:06:47 +0100 Subject: great news In-Reply-To: <20001112134000.A12043@crystal.i-net.gr>; from nmav@hellug.gr on Sun, Nov 12, 2000 at 01:40:00PM +0200 References: <20001112134000.A12043@crystal.i-net.gr> Message-ID: <20001112150647.M670@gnupg.de> On Sun, 12 Nov 2000, Nikos Mavroyanopoulos wrote: > The latest cvs version's client can talk to an openssl tls1 server. > It seems to work fine now... except of certificates - of course. Great - ist seems to be time to make a release. Anything I have to poilish in libgcrypt? Can we work around the X.509 certifcate stuff; i.e. are private extensions possible? I am thinking of using a OpenPGP certificate. Werner From nmav at hellug.gr Wed Nov 15 10:14:32 2000 From: nmav at hellug.gr (Nikos Mavroyanopoulos) Date: Wed, 15 Nov 2000 11:14:32 +0200 Subject: roll back Message-ID: <20001115111432.A8324@crystal.i-net.gr> I've rolled back most of my latest changes and added only the most stable. I have really problem into choosing how to proceed on supporting multiple TLS versions. SSL3.0 and TLS1.0 only differ a bit and thus I can make inline: if that then... for different protocols (if we want any) we will have to make more changes... I've updated the http://gnutls.hellug.gr ... Please check it, and tell me if there is any problem in order to annouce... -- Nikos Mavroyanopoulos mailto:nmav at hellug.gr From wk at gnupg.org Wed Nov 15 11:22:22 2000 From: wk at gnupg.org (Werner Koch) Date: Wed, 15 Nov 2000 11:22:22 +0100 Subject: roll back In-Reply-To: <20001115111432.A8324@crystal.i-net.gr>; from nmav@hellug.gr on Wed, Nov 15, 2000 at 11:14:32AM +0200 References: <20001115111432.A8324@crystal.i-net.gr> Message-ID: <20001115112222.D4019@gnupg.de> On Wed, 15 Nov 2000, Nikos Mavroyanopoulos wrote: > I've updated the http://gnutls.hellug.gr ... Please check it, and tell > me if there is any problem in order to annouce... From gnupg you'll need to compile the gcrypt library which is used in gnutls. It might be better to say that this version of gnupg has to be compiled and installed but it will not install new gpg binaries. Otherwise one might try to figure out an option to just compile the gcrypt library. BTW, can you rename buildconf to autogen.sh, because that is the name in use by several projects (especailly GNOME stuff). It is easier to have the same names so that you don't need to read the documentation ;) Du you want a ftp*alpha/gnutls directory on sigtrap, so that you can put a copy there which in turn will be mirrored at a lot of places? Werner > > -- > Nikos Mavroyanopoulos > mailto:nmav at hellug.gr > > From nmav at hellug.gr Wed Nov 15 19:21:21 2000 From: nmav at hellug.gr (Nikos Mavroyanopoulos) Date: Wed, 15 Nov 2000 20:21:21 +0200 Subject: roll back In-Reply-To: <20001115112222.D4019@gnupg.de>; from wk@gnupg.org on Wed, Nov 15, 2000 at 11:22:22AM +0100 References: <20001115111432.A8324@crystal.i-net.gr> <20001115112222.D4019@gnupg.de> Message-ID: <20001115202121.A2486@crystal.i-net.gr> On Wed, Nov 15, 2000 at 11:22:22AM +0100, Werner Koch wrote: > It might be better to say that this version of gnupg has to be > compiled and installed but it will not install new gpg binaries. > Otherwise one might try to figure out an option to just compile the > gcrypt library. done > BTW, can you rename buildconf to autogen.sh, because that is the > name in use by several projects (especailly GNOME stuff). It is > easier to have the same names so that you don't need to read the > documentation ;) I see we have two schools here... The php and several other projects use buildconf... I'll insist on buildconf :) > Du you want a ftp*alpha/gnutls directory on sigtrap, so that you can > put a copy there which in turn will be mirrored at a lot of places? That would be really nice.... > Werner -- Nikos Mavroyanopoulos mailto:nmav at hellug.gr