|
Thank you for your time
Jan Just Keijser.
You are right, we are using Oracle Linux Server release 8.7. So I will try to contact Oracle to have my answer. Best regards
De : openssl-users <openssl-users-bounces@xxxxxxxxxxx> de la part de openssl-users-request@xxxxxxxxxxx <openssl-users-request@xxxxxxxxxxx>
Envoyé : mercredi 20 septembre 2023 14:00 À : openssl-users@xxxxxxxxxxx <openssl-users@xxxxxxxxxxx> Objet : openssl-users Digest, Vol 106, Issue 20 ATTENTION : Ce message vient de l'extérieur. Ne cliquez pas sur les liens ou n'ouvrez pas les pièces jointes si vous ne reconnaissez pas l'expéditeur ou si vous n'êtes pas sûr du contenu.
Send openssl-users mailing list submissions to openssl-users@xxxxxxxxxxx To subscribe or unsubscribe via the World Wide Web, visit https://mta.openssl.org/mailman/listinfo/openssl-users or, via email, send a message with subject or body 'help' to openssl-users-request@xxxxxxxxxxx You can reach the person managing the list at openssl-users-owner@xxxxxxxxxxx When replying, please edit your Subject line so it is more specific than "Re: Contents of openssl-users digest..." Today's Topics: 1. Re: Openssl 1.1.1k specifications (Jan Just Keijser) ---------------------------------------------------------------------- Message: 1 Date: Wed, 20 Sep 2023 12:34:33 +0200 From: Jan Just Keijser <jan.just.keijser@xxxxxxxxx> To: Dr Paul Dale <pauli@xxxxxxxxxxx>, openssl-users@xxxxxxxxxxx Subject: Re: Openssl 1.1.1k specifications Message-ID: <5393b12f-1b0f-9465-757a-f1e802124b9d@xxxxxxxxx> Content-Type: text/plain; charset="utf-8"; Format="flowed" Hi Paul, On 20/09/2023 10:01, Dr Paul Dale wrote: > You cannot possibly be using OpenSSL 1.1.1k with FIPS.? At least not > from the OpenSSL project's sources.? No version of OpenSSL 1.1.x has > been validated by the project. > > I suggest you contact the provider of your "validated" version of > 1.1.1k and ask this of them. > just FYI:? this smells like RedHat Enterprise Linux and derivatives: $ cat /etc/redhat-release Rocky Linux release 8.8 (Green Obsidian) $ openssl version OpenSSL 1.1.1k? FIPS 25 Mar 2021 but you are 100% correct that this is a question for RedHat and not for the OpenSSL team. Having said that, the question ? "Are we using rsa 2048 bits with padding PSS or Elliptic Curve (EDCSA) 256 bits." sounds like a question about the type of certificate that is used for a particular connection - which could be extracted from the certificate used using the appropriate `openssl` command. Regards, JJK / Jan Just Keijser > > Dr Paul Dale > > > On 20/9/23 17:57, Benjamin ENTE wrote: >> Hi everyone >> >> I'm using?OpenSSL 1.1.1k ?FIPS . >> >> I'm asked for some audit if we are using?rsa 2048 bits with padding >> PSS or Elliptic Curve (EDCSA) 256 bits. >> >> I don't know where to find this information and how to check it ? >> >> Can you help me ? >> >> Thank you in advance >> >> Benjamin ENTE >> >> >> >> Ce message et toutes les pi?ces jointes sont ?tablis ? l'intention >> exclusive de ses destinataires et sont confidentiels. Si vous n'?tes >> pas le destinataire de ce message, merci d'en avertir imm?diatement >> l'exp?diteur et de le d?truire. Malgr? nos mesures visant ? nous >> pr?munir des risques en termes de s?curit?, nous vous recommandons de >> vous assurer de la non-introduction de virus dans votre syst?me >> informatique. Tout message ?tant susceptible d?alt?ration au cours de >> son acheminement, Cromology ne saurait ?tre tenue pour responsable de >> dommage caus? par la pr?sence d'un virus dans ce message. > -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20230920/11aee493/attachment-0001.htm> ------------------------------ Subject: Digest Footer _______________________________________________ openssl-users mailing list openssl-users@xxxxxxxxxxx https://mta.openssl.org/mailman/listinfo/openssl-users ------------------------------ End of openssl-users Digest, Vol 106, Issue 20 ********************************************** |
