|
| I am right now on my Hitachi Eplate -and I cant log into this forum.
Is there no SSL for wince 2.11 with nPop email program? |
|
|
|
H/PC Philosopher Posts: | 328 |
Location: | United States | Status: | |
| The original web site (www.nakka.com) doesn't have this posted. Someone on openssl.org claimed to have compiled openssl for CE211. I spent a weekend and got it to compile, but it's not fully functional (can't verify/validate certificates). |
|
|
|
H/PC Sensei Posts: | 1,287 |
Location: | New York state, USA | Status: | |
| and then the question would be that I have the Hitachi Eplate with the infamous sh4 processor - so is this compiled version for sh4? |
|
|
|
H/PC Oracle Posts: | 16,175 |
Location: | Budapest, Hungary | Status: | |
| hey it would be nice if you could upload it somewhere. |
|
|
|
H/PC Philosopher Posts: | 328 |
Location: | United States | Status: | |
| I think I'd be violating US export restrictions if I posted it ... |
|
|
|
H/PC Sensei Posts: | 1,287 |
Location: | New York state, USA | Status: | |
| Thanks for the link, gjcoram. But they still don't have SSL for sh4 or indeed specifically for hpc's. But it's good for my pockets. |
|
|
|
H/PC Philosopher Posts: | 328 |
Location: | United States | Status: | |
| I'm thinking that over the holidays, I'm going to try to build a version of nPOPuk that *includes* all the SSL stuff it needs. It's outrageous that nPOP/nPOPuk itself is 300k but the DLLs are > 1MB; certainly it's not all being used.
If I modify the OpenSSL functions so they can only do "export grade" cryptography, then I'd be able to post the results. And if you want better cryptography, then I think you're forgetting that your mail is sent in clear-text around the internet ...
The other benefit to building it in is that you could then have all the binaries for all the different platforms stored on one flash drive along with the .ini and mailboxes. Right now, the DLLs are all named the same, so you can only have one platform's DLLs in the directory. |
|
|
|
| I would also be very interested in any solution to that nPOP - SSL problem. |
|
|
|
H/PC Oracle Posts: | 16,175 |
Location: | Budapest, Hungary | Status: | |
| ssl would be needed for stupid mailbox providers such as gmail... |
|
|
|
| Hi,
I also need SSL to access gmail with nPOP but couldn't find any libraries for wince2.11 sh3 devices (j680).
Any help will be appreciated.
Thanks a lot
cnycl |
|
|
|
| I too would be intrested in MIPS compiled version of the npopssl.dll for WINCE 2.11. The site for Qmail downloads has SSLEAY32.dll and LIBEAY32.dll availible for the mips hpcpro, however, im not familiar enough with compiling software to consider compiling the npop dll to match.
If anyone can do that, i thinkthats the final component to getting npop to work authenticated with win ce 2.11
Any help? |
|
|
|
Factorite (Elite) Posts: | 143 |
Location: | Canada | Status: | |
| Export cryptography isn't really much of an issue now.
Quote n January 2000, the restrictions on export regulations were dramatically relaxed. Today, any cryptographic product is exportable under a license exception (that is, without a license) unless the end-users are foreign governments or embargoed destinations (Cuba, Iran, Iraq, Libya, North Korea, Serbia, Sudan, Syria, and Taleban-controlled areas of Afghanistan as of January 2000). Export to government end-users may also be approved, but under a license.
Source: http://www.rsa.com/rsalabs/node.asp?id=2327
No modifications are necessary for "export-grade" cryptography, so OpenSSL recompiles can be posted on the internet. Edited by Jorkapp 2007-03-08 4:56 PM
|
|
|
|
H/PC Philosopher Posts: | 328 |
Location: | United States | Status: | |
| Quote Jorkapp - 2007-03-08 4:54 PM
Export cryptography isn't really much of an issue now.
...
No modifications are necessary for "export-grade" cryptography, so OpenSSL recompiles can be posted on the internet.
But ... OpenSSL is *not* "export-grade." From the OpenSSL web site:
Quote This software package uses strong cryptography, so even if it is created, maintained and distributed from liberal countries in Europe (where it is legal to do this), it falls under certain export/import and/or use restrictions in some other parts of the world.
PLEASE REMEMBER THAT EXPORT/IMPORT AND/OR USE OF STRONG CRYPTOGRAPHY SOFTWARE, PROVIDING
CRYPTOGRAPHY HOOKS OR EVEN JUST COMMUNICATING TECHNICAL DETAILS ABOUT CRYPTOGRAPHY SOFTWARE IS ILLEGAL IN SOME PARTS OF THE WORLD.
Various places on the site have other comments about export restrictions (as well as patent problems, some algorithms can be used in the US but not elsewhere, and vice-versa ).
I was hoping to find a "config --export-grade" option for building OpenSSL, but my sense is that the developers would reject such a pandering to the US government's interests in eavesdropping on anything they can. Edited by gjcoram 2007-03-09 6:56 AM
|
|
|
|
H/PC Philosopher Posts: | 328 |
Location: | United States | Status: | |
| Also, on this web site for mod_ssl, I see the following:
Quote In the United States (USA) it's not allowed to (re-)export mod_ssl or OpenSSL And inside France it's not allowed to use any cryptography at all when keys with more than 40 bits are used. |
|
|
|
H/PC Oracle Posts: | 16,175 |
Location: | Budapest, Hungary | Status: | |
| Quote gjcoram - 2007-03-09 12:58 PM
And inside France it's not allowed to use any cryptography at all when keys with more than 40 bits are used.
hm sounds irrealistic |
|
|