Does anyone know if redhat continued to disable the EC support in openssl on 7.0 ?
They were under the illusion EC had copyrights in 6.x so everyone has to compile openssl from scratch to get it there.
Just wondering if they came to their senses.
Not sure how to determine this openssl ecparam -list_curves works on both 7.0 and 6.5 for me, so that is not a valid test.
Oh wait, I see on a 1.0.1h custom build I get a very very long list of curves, but only three on 7.0's core openssl.
So I assume EC is still disabled in 7.0 - darn it redhat, quit this nonsense.
is EC still disabled in openssl on 7.0 (vs 6.x) ?
Re: is EC still disabled in openssl on 7.0 (vs 6.x) ?
EC was enabled in 6.5's openssl for some curves.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Re: is EC still disabled in openssl on 7.0 (vs 6.x) ?
Ah okay.
On 7.0 when I do
openssl s_client -connect localhost:443
I do get an ECDHE cipher
on 6.5 stock I do not
Looks like they allowed 3 curves in the package (out of dozens).
On 7.0 when I do
openssl s_client -connect localhost:443
I do get an ECDHE cipher
on 6.5 stock I do not
Looks like they allowed 3 curves in the package (out of dozens).
Re: is EC still disabled in openssl on 7.0 (vs 6.x) ?
There is doubt over the patent status of the other curves (not to mention their security) so they enabled the ones they believe won't get them sued I'd guess.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke