Open SSL 1.1.1 (General questions)
Is there some kind of a deadline when WeOnlyDo ActiveX components start supporting OpenSSL 1.1.1
(interested in SFTP, SSH components)?
Is there some kind of a deadline when WeOnlyDo ActiveX components start supporting OpenSSL 1.1.1
(interested in SFTP, SSH components)?
by Jasmine, (1378 days ago) @ Mykola Melnyk
Hi.
I'm not really sure why you need OpenSSL 1.1.1 for SSH/SFTP, since those protocols have nothing to do with SSL, so TLS1.3 which is major feature of 1.1.1 doesn't apply to SSH protocol. Can you please elaborate why you need OpenSSL 1.1.1?
As for when it will be supported - as soon as FIPS is available as 'drop in' DLL, as it is now with 1.0.2.
Hope this helps!
Jasmine
by Mykola Melnyk , (1378 days ago) @ Jasmine
Thank you for your quick response.
Our concern originates from the known list of vulnerabilities in OpenSSL 1.0.x. Numerous customers of our company prefer to consume products based on OpenSSL 1.1.1 even before FIPS support is provided. Though the best solution is still both OpenSSL 1.1.1 and FIPS in one bucket.
As far as we access OpenSSL functionalities mainly through WeOnlyDo libraries that's the reason why I raise the issue.
Thank you
by Jasmine, (1378 days ago) @ Mykola Melnyk
Mykola,
hi. Can you point to the list of vulnerability that concern crypto algorithms that are used, not the SSL/TLS layer itself which we don't use? If it's something to be fixed ASAP we'll be happy to know about it.
We'lre also for 1.1.1 (in other products mainly) but FIPS is more important at this time.
Jasmine
by Mykola Melnyk , (1378 days ago) @ Jasmine
The first one I have handy:
https://nvd.nist.gov/vuln/detail/CVE-2019-1552
by Jasmine, (1378 days ago) @ Mykola Melnyk
Hi.
But, that is for TLS protocol. We don't implement or use SSL/TLS in SSH protocol. We use only OpenSSL's crypto libraries. This doesn't apply in any way to SSH protocol.
Jasmine
...wodFtpDlx was exactly what I needed, it worked, and it was priced right...
...not only that you provide these components at very reasonable cost, your responsiveness to emailed technical questions is simply outstanding...
We are having great success with your component ... email server that has over 750 000 mailboxes back ended by a SQL server...
I've heard that you are amazing with your replies coming back so quickly - and now I've seen the speed in which you reply first hand.
It was no small factor, however, that your support in getting me up and running made me buy from you.
Congratulations on an excellent product and first rate support!
Don't be fooled by the cost, it's value and quality far exceeds the price being charged!
I've heard that you are amazing with your replies coming back so quickly - and now I've seen the speed in which you reply first hand.
...with a minimum of effort as the DLL interface was written with such simplicity...
The people at WeOnlyDo are amazing! ... I always get a super fast response from customer service, and the products are great too. Thanks WeOnlyDo