Secp521r1 curve support in Big IP
Hi, We are running Big IP Version 12.1.5 and are interested in transitioning to secp521r1 for extra security in both ECDH and ECDSA. Are you planning on supporting this curve? if so, do you have an estimate? Thank you, John J. Lee | Senior Information Security Consultant
Crypto Client's clientssl profile config issue(External Crypto )
Hi Everyone Who has configured external crypto function ? Crypto Client's clientssl profile cert&key and Crypto Server's crypto-server-default-clientssl profile cert&key is the same? This guide “https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/bigip-ssl-administration-12-0-0/18.html” is not very clear about the certificate requirements. Many thanks D.Luo
Looking for advice on CRYPTO::sign and CRYPTO::verify
Hoping someone can help... The documentation around the CRYPTO::sign and CRYPTO::verify commands is minimal and I can't find any worked examples online. Couple that with my limited knowledge of cryptography and the challenge of providing cookie integrity checking in an iRule and I'm struggling. I'm currently using the CRYPTO::encrypt and CRYPTO::decrypt commands to set and encrypted cookie in the response to a client and the decrypt it in subsequent requests and that seems to be working well. How to use the sign and verify commands around this to check that the cookie hasn't been tampered with eludes me though. Any help or advice appreciated. fergu5
