No luck with RSA and existing cert

Similar Messages

• Anyone have any luck with steam and wine

  im trying to get any steam to work with wine and so far i've had no luck. 
  i have a 512 ATI RADEON X1600 graphics card and im using the open source ati driver.
  have had some success with counterstrike 1.6.  I start a game (local) but it is extremely choppy/laggy. 
  does anyone have any pointers on how to get it to run more smoothly?

  I don't know how well the open source drivers are going to handle games, catalyst may work better but you will have to use the legacy driver (here) for an X1600, and it doesn't work with the most recent kernel.

• I have not had good luck with downloads and need to get information on problems I might encounter with this download.

  I am overwhelmed with all the updates, changes to new servers, etc. seems like it's everyday. I have had to bring my computer back from blue ( actually more like Northern Lights) screen(s) 3 times in the last 5 months. All crashes have been associated with a download, upgrade, etc. Once with Norton, once with Yahoo, and Java continues to cause me problems. I have a Compaq laptop running Windows Vista (I think), using Internet Explorer 9, using microsoft security (firewall, etc) and Panda virus. My current wireless provider is Comcast --but I can't afford the super fast connection anymore. I am continually having problems with Internet explorer just shutting down or going REEEAALLY slow. I figure it's probably from an update, or add-on, or some nasty "ruin your computer fun" gift from a hacker. But I can't figure how to pinpoint where the problem is.
  I don't mean to sound like I'm helpless, but I am not very computer savvy. I am a 52 year old mom who loves having a virtual library at her finger tips and wants to be safe on the net. Thank you for assisting me.

  Thanks for taking time to respond and for the info on the two free scanners.
  I do believe I finally uninstalled Norton - I'll check again. I had AVG for awhile and I unstalled that when I downloaded Panda. The microsoft system security is supposed to alert you when there is a system conflict -- the key words here are SUPPOSED TO.
  I am very leary of downloading/installing/updating anything. For a couple of reasons -- one --if there is a system conflict, a virus, bad cookie (probably doesn't even go well with milk), etc -- I don't know how to fix it. I bumble through somehow, probably creating more messes than I had, or at least different ones. If there's a BIG problem and support is needed . . . Did I say SUPPORT?? Panda was the only company that actually spent time with me. Microsoft, HP,
  Norton, Comcast, Motorola (modem), and a couple of others ALL refused to help me because it wasn't their problem !!
  So is having Firefox as my default browser a good thing or bad?? Will I then have to update/download all different kinds of programs. Yahoo is my email provider and my microsoft email is not currently set up. I have used Firefox before, but not on this computer.
  Are there any other programs I should be aware of that might conflict with Firefox.
  Are there any ADD-ON's, drivers, plug-ins that might create problems ( I really don't understand all the previous terminology, I just know those are the areas where the problems are always occuring.
  Thanks again for your time and information.
  God Bless You, Tami (tamaroo47)

• VPN Login first with RSA and then AD?

  I've run in to a situation I hadn't considered when we stood up our RSA 2-factor authentication for VPN. We use AnyConnect clients to hit our Cisco VPN concentrators which then passes off authentication responsibilities to ISE and ISE knows which Identity Store to use based on where the authentication request is coming from and what group(s) a person belongs to.   
  We now have a service provider that that will reach right in to a product they manage for us when we call and say there is a problem. However, the tech/engineer assigned to the issue could be one of many from their pool of available resources. The service provider only wants 1 token which will be "locked up" and the PIN "locked up" separately as well so when we report a problem they can connect and resolve it.
  I won't issue a single token to them because they are associated with AD accounts but I could create a generic account local to RSA they could authenticate against if they could then auth with their AD creds before connecting.
  So my question is has anyone done this? Is it possible to have AnyConnect ask for SecurID authentication and then come back with a prompt for AD authentication?
  Thanks

  Hi Darren,
  should be no problem, using double authentication:
  aaa-server myLDAP protocol ldap
  aaa-server myRSA protocol sdi
  tunnel-group foo general-attributes
  authentication-server-group myRSA
  secondary-authentication-server-group myLDAP [use-primary-username]
  This will prompt for 2 usernames & 2 passwords, unless you add "use-primary-username" but I guess in your case you do need 2 different usernames.
  hth
  Herbert

• VPN with RSA and LDAP Groups

  I'm tryin to rebuild our VPN environment with a pair of 5520. WE're going to use Anyconnect mobility exclusively with SSL. No IPSec and no SSL Webvpn.
  We have a large number of contractors using the VPN to access specific internal resources so I would like to use different IP subnets for each contractor assigned through group policy. I don't want to have a different URL for each contractor so I want to assign the group policy through LDAP group memebership. However, primary authentication will be via RSA 2 factor.
  How do I get the ASA to check group membership and hense assign the right group when primary authentication is through RSA?
  Thanks for any help.

  yes you can do the Authentication to an RSA server and the Authorization to the LDAP server.
  Please configure LDAP as an authorization server.
  http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00808d1a7c.shtml
  Do let me know how it goes.
  ~BR
  Jatin Katyal
  **Do rate helpful posts**

• Delete with IN and EXISTS

  Hi,
  I was suggested by one of the oracle forums member
  that
  DELETE FROM PYMT_DTL WHERE CLM_CASE_NO IN
  (SELECT CLM_CASE_NO FROM TEMP_ARCHIVE1 );
  is same as
  DELETE FROM PYMT_DTL WHERE EXISTS (SELECT CLM_CASE_NO FROM TEMP_ARCHIVE1);
  I see rows only get deleted with 2nd query
  if both queries are same why is not 1st query deleteing rows ?
  Thanks in Advance

  Hi,
  The two DELETE statements you posted are not the same.
  DELETE  FROM PYMT_DTL
  WHERE  EXISTS
          ( SELECT CLM_CASE_NO
            FROM TEMP_ARCHIVE1
          );will see if there is anything at all in the temp_archive1 table. If so, it will delete every row in pymt_dtl. If not, nothing will be deleted.
  If you want to delete rows from pymt_dtl that have a matching row in temp_archive1, then you can use the first DELETE statement you posted, or this:
  DELETE  FROM pymt_dtl  m
  WHERE   EXISTS
          SELECT  0
          FROM    temp_archive1
          WHERE   clm_case_no = m.clm_case_no
          );

• Any luck with FCP and DA-88/98?

  Hi All,
  I have to deliver a series of DA-88's (or 98's...doesn't matter which) for a project. Rather than spend the thousands it would cost to transfer each tape at a dub house, I'd like to save the $$$ and do it myself.
  From what I've researched, the Kona 3 and the TASCAM DA-98-HR can connect to one another. But can they interface through FCP?
  My main question is, has anyone out there ever successfuly connected a FCP system to a DA-88/98 deck and been able to properly output 8 channel audio? If so, what was your setup?
  Thanks!

  you may have a problem with the HR tapes playing back in a 88/98 due to the sample rate.
  video ref is a viable option. you'd need to do mmc and mtc to the tascam from a midi interface in soundtrack pro. I've seen menu options regarding midi devices in STP but have never used it. I use Digital Performer to get stuff like that done. the midi timepiece AV will look at video (standard def analog/BlackBurst) and generate WC to lock up other machines, the 2408MKIII has the ability to use any input as SMPTE TC and will gen code from one of their accompanying apps.
  Kona will output rp188 TC embedded in the HD SDI path for machines that are hip to that but the 88/98 etc obviously don't read that.
  Why do they need DA88/98 ? can you not negotiate file based delivery?
  Some networks that required stems on 88/98 will allow file based delivery, particularly with the interchange problems with obsolete/unsupported gear. I haven't had to do one in over a year now, and with the associated difficulties hope I never have to again.

• Anybody having any luck with raid and x2 on neo2?

  Just wondering.  I cant get it to work without hanging before the installing devices in windows.  tried 1b0(had raid then just disappeared),1b3(has raid but hangs before installing devices and thats after i have to  to go into f11 to make it use my array) and 1b4 same thing  .   Only thing left for me to try is try the 5.10 drivers 
  So how you get raid to work?

  Your signature reads " WD raptor 74gb SATA". Are you using one of them?

• RSA and Cyberflex

  hi,
  Someone know if there is some problem with RSA and the card "Cyberflex 64 ko"? because when I try to use RSA 1024 bit with this card, it return 6F00.
  I think the problem is on this line:
  KeyPair pairDeCle = new KeyPair(KeyPair.ALG_RSA, KeyBuilder.LENGTH_RSA_1024);The same applet, (same .cap) works with my other card. (In the card specification they say we can use the card with RSA 1024 or 2048 bit)
  regards
  nico

  my applet: (it is the same code of the post "RSA && contactless" with try/catch in addition)
  package fr.moneo_RSA_Biometrie;
  import org.javacardforum.javacard.biometry.SharedBioTemplate;
  //import fr.alex.biometry.SharedBioTemplate;
  import javacard.framework.AID;
  import javacard.framework.APDU;
  import javacard.framework.Applet;
  import javacard.framework.ISOException;
  import javacard.framework.ISO7816;
  import javacard.framework.JCSystem;
  import javacard.framework.OwnerPIN;
  import javacard.security.DESKey;
  import javacard.security.CryptoException;
  import javacard.security.KeyBuilder;
  import javacard.security.KeyPair;
  import javacard.security.RSAPrivateKey;
  import javacard.security.RSAPublicKey;
  import javacardx.crypto.Cipher;
       public class Application_moneo_RSA_biometrie extends Applet {
              final byte CLA_MONAPPLET = (byte) 0xB0;
              final byte INS_INCREMENTER_COMPTEUR = 0x00;
              final byte INS_DECREMENTER_COMPTEUR = 0x01;
              final byte INS_INTERROGER_COMPTEUR = 0x02;
              final byte INS_INITIALISER_COMPTEUR = 0x03;
              final byte INS_SAISIR_CODE = 0x04;
              final byte INS_CRYPTO = 0x05;
              final byte INS_INIT = 0x06;
              private boolean flagCrypto = false;      
              Cipher ecipher;
                 private DESKey key;
                 KeyPair pairDeCle;
              public OwnerPIN pin;
              private byte[] pinBon = {0x31,0x30,0x30,0x30};           
              private RSAPublicKey clePublic;
              private RSAPrivateKey clePrive;
              private byte[] Crypto;
              private byte compteur;           
                     private AID bioServerAID;
                     SharedBioTemplate bioImpl;
                     private static final byte[] BIO_SERVER_AID = {(byte)0x01, (byte)0x02, (byte)0x03,(byte)0x04, (byte)0x05, (byte)0x06,(byte)0x07, (byte)0x08, (byte)0x07,(byte)0x06, (byte)0x05, (byte)0x04};
            public Application_moneo_RSA_biometrie() {
                 compteur = 5;
                 pin = new OwnerPIN((byte)2, (byte)4);          
                 pin.update(pinBon, (short)0, (byte)4);
            public static void install(byte bArray[], short bOffset, byte bLength)
                 throws ISOException {
                 new Application_moneo_RSA_biometrie().register();
            public void process(APDU apdu) throws ISOException {
                 byte[] buffer = apdu.getBuffer();
                 if (this.selectingApplet()){
                      initialisation();     
                         bioServerAID = JCSystem.lookupAID(BIO_SERVER_AID,(short)0,(byte)BIO_SERVER_AID.length);               
                                  bioImpl = (SharedBioTemplate) JCSystem.getAppletShareableInterfaceObject(bioServerAID,(byte)0);                                         
                                  apdu.setOutgoing();
                      apdu.setOutgoingLength((short)Crypto.length);
                      apdu.sendBytesLong(Crypto,(short) 0, (short) Crypto.length);
                          return;
                 if (buffer[ISO7816.OFFSET_CLA] != CLA_MONAPPLET) {
                      ISOException.throwIt(ISO7816.SW_CLA_NOT_SUPPORTED);
                 switch (buffer[ISO7816.OFFSET_INS]) {
                 case INS_INIT:
                      break;
                 case INS_SAISIR_CODE:
                      byte byteRead = (byte) apdu.setIncomingAndReceive();
                      byte[] partieAdecrypter = RecupererPartieDeAPDU(apdu.getBuffer(), (short)5, (short)byteRead);          
                      byte[] derypt = decrypter(partieAdecrypter);
                      short u =0;
                      for(short i = 5; i<9; i++){
                      buffer[i] = derypt[u];
                      u++;
                      short result = bioImpl.match(buffer,(short) 5, (short) 4);
                      if (!bioImpl.isValidated()){
                           ISOException.throwIt(ISO7816.SW_SECURITY_STATUS_NOT_SATISFIED);
                      break;
                 case INS_INCREMENTER_COMPTEUR:
                           if (bioImpl.isValidated())
                           compteur++;
                           else {
                                ISOException.throwIt(ISO7816.SW_SECURITY_STATUS_NOT_SATISFIED);
                           break;
                 case INS_DECREMENTER_COMPTEUR:
                           if (bioImpl.isValidated())
                           compteur--;
                           else {
                                ISOException.throwIt(ISO7816.SW_SECURITY_STATUS_NOT_SATISFIED);
                           break;
                 case INS_INTERROGER_COMPTEUR:
                           if (bioImpl.isValidated()){
                           byte[] valeur = new byte [2];
                           valeur[0] = compteur;
                           apdu.setOutgoing();
                           apdu.setOutgoingLength((short)valeur.length);
                           apdu.sendBytesLong(valeur,(short) 0, (short) valeur.length);                    
                           }else {
                                ISOException.throwIt(ISO7816.SW_SECURITY_STATUS_NOT_SATISFIED);
                           break;
                 case INS_INITIALISER_COMPTEUR:
                           if (bioImpl.isValidated())
                           apdu.setIncomingAndReceive();
                           compteur = buffer[ISO7816.OFFSET_CDATA];
                           else {
                                ISOException.throwIt(ISO7816.SW_SECURITY_STATUS_NOT_SATISFIED);
                           break;
                 default:
                           ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
            public byte[] RecupererPartieDeAPDU(byte[] tableauReference, short offset, short length){
                 byte[] copieTableau = new byte[length];
                 short u =0;
                 for (short i= offset; i<(short)(offset+length); i++){
                      copieTableau[u]=tableauReference;
                      u = (short)(u + 1);
                 return copieTableau;     
       public void initialisation(){
            try{
            pairDeCle = new KeyPair(KeyPair.ALG_RSA, KeyBuilder.LENGTH_RSA_1024);
            } catch (CryptoException e){
                 ISOException.throwIt((short) e.ILLEGAL_USE);
                 ISOException.throwIt((short) e.ILLEGAL_VALUE);
                 ISOException.throwIt((short) e.INVALID_INIT);
                 ISOException.throwIt((short) e.NO_SUCH_ALGORITHM);
                 ISOException.throwIt((short) e.UNINITIALIZED_KEY);
            } catch (Exception e){
                 ISOException.throwIt((short)4000);
            pairDeCle.genKeyPair();
            clePublic = (RSAPublicKey) pairDeCle.getPublic();
            clePrive = (RSAPrivateKey) pairDeCle.getPrivate();
            byte[] buffer1 = new byte[1024];
            short tailleExponent = clePublic.getExponent(buffer1, (short)0);
            byte[] exponent = new byte[tailleExponent];
            clePublic.getExponent(exponent, (short)0);
            byte[] buffer2 = new byte[512];
            short tailleModulus = clePublic.getModulus(buffer2, (short)0);
            byte[] modulus = new byte[tailleModulus];
            clePublic.getModulus(modulus, (short)0);
            byte[] positif = new byte[1];
            positif[0] = (byte)0x00;
            byte[] moduluspositif = concatener(positif, modulus, (short)0, (short)modulus.length);
            byte[] sizeExp = new byte[1];
            byte[] sizemodulus = new byte[1];
            sizeExp[0] = (byte)exponent.length;
            sizemodulus[0] = (byte)moduluspositif.length;
            byte[] tailleAndExp = concatener(sizeExp, exponent, (short)0, (short)exponent.length);
            byte[] tailleAndmodulus = concatener(sizemodulus, moduluspositif, (short)0, (short)moduluspositif.length);
            Crypto = concatener(tailleAndExp, tailleAndmodulus, (short)0, (short)tailleAndmodulus.length);
       public byte[] concatener(byte[] tableRef, byte[] tabACopier, short offset, short lenght){
            byte [] newTab = new byte[(short)(tableRef.length + lenght)];
            for(short o = 0; o < (short)tableRef.length; o++){
                 newTab[o] = tableRef[o];
            short u = 0;
            for(short i = (short) tableRef.length; i < (short)(tableRef.length + lenght); i++){               
                 newTab[i] = tabACopier;
                 u = (short)(u + 1 + offset);
            return newTab;          
       public byte[] recuperDonnee(APDU apdu){
            byte[] buf = apdu.getBuffer();
            short lc = apdu.setIncomingAndReceive();
            byte[] data = new byte[lc];
            short u =0;
            for(short i = 5; i<(short)(5+lc);i++){
                 data[u] = buf;
                 u = (short) (u+1);     
            return data;
       public byte[] decrypter(byte[] data ){
            Cipher cipher = Cipher.getInstance(Cipher.ALG_RSA_PKCS1, false);
            cipher.init(clePrive,Cipher.MODE_DECRYPT);     
            byte[] donneDecrypt = new byte[(short)data.length];
            cipher.doFinal(data, (short)0, (short)data.length, donneDecrypt, (short)0);
            return donneDecrypt;

• RAM: Has anyone else had good luck with Corsair?

  First of all, thanks Bas and Scottg26 for pointing out the correct version of Memtest86+.
  I know that Corsair has a crappy rep around this forum when it comes to the Athlon 64.  However, I've had nothing but good luck so far (knock on wood).  I've been up and running for almost a month now with no BSODs and the computer has booted every time so far.  I'm using Corsair TwinX 1024 LL in slots 1 and 2 with the speed settings on Auto in the BIOS with a voltage of 2.6.  I've run Prime95 for up to 10 hours or so with no errors and I just ran one pass of Memtest86+ v1.00 with no errors.  It took 18:50 and showed the following settings:
  Memory: 1024M  1447MB/S
  Settings: RAM: 200Mhz(DDR 400) / CAS:2-3-2-6 / Single Channel (64 Bits)
  However, I will point out that the only real world test it's really passed so far is playing Call of Duty.
  Here's a link to the actual RAM on NewEgg:  http://www.newegg.com/app/ViewProductDesc.asp?description=20-145-435&catalog=147&manufactory=BROWSE&depa=1
  Is anyone else happy with their Corsair RAM so far or did I just get extremely lucky?

  Quote
  Originally posted by amxandy
  I read the horrible reviews for Corsair on this forum after placing my order for a stick of Corsair CMX512-3200C2PRO memory (I couldn't resist the activity lights). I have had no problems running at specified memory timings. I have always had good luck with Corsair and will continue to use them.
  Yeah They are neat at that. Question is how well do they overclock?
  I'm getting a 28Mhz fsb overclock out of these dimms that I have and They are used I admit, But like the seller said they are great overclockers!

• Execution of subquery of IN and EXISTS clause.

  Hi Friends,
  Suppose we have following two tables:
  emp
  empno number
  ename varchar2(100)
  deptno number
  salary number
  dept
  deptno number
  location varchar2(100)
  deptname varchar2(100)
  status varchar2(100)
  Where dept is the master table for emp.
  Following query is fine to me:
  SELECT empno, ename
  FROM emp,dept
  WHERE emp.deptno = dept.deptno
  AND emp.salary &gt;=5000
  AND dept.status = 'ACTIVE';
  But I want to understand the behaviour of inline query (Used with IN and EXISTS clause) for which I have used this tables as an example (Just as Demo).
  1)
  Suppose we rewrite the above query as following:
  SELECT empno, ename
  FROM emp
  WHERE emp.salary &gt;=5000
  AND deptno in (SELECT deptno FROM dept where status = 'ACTIVE')
  Question: as shown in above query, suppose in our where clause, we have a condition with IN construct whose subquery is independent (it is not using any column of master query's resultset.). Then, will that query be executed only once or will it be executed for N number of times (N= number of records in emp table)
  In other words, how may times the subquery of IN clause as in above query be executed by complier to prepared the subquery's resultset?
  2)
  Suppose the we use the EXISTS clause (or NOT EXISTS clause) with subquery where, the subquery uses the field of master query in its where clause.
  SELECT E.empno, E.ename
  FROM emp E
  WHERE E.salary &gt;=5000
  AND EXISTS (SELECT 'X' FROM dept D where status = 'ACTIVE' AND D.deptno = E.deptno)
  Here also, I got same confusion. For how many times the subquery for EXISTS will be executed by oracle. For one time or for N number of times (I think, it will be N number of times).
  3)
  I know we can't define any fix thumbrule and its highly depends on requirement and other factors, but in general, Suppose our main query is on heavily loaded large transaction table and need to check existance of record in some less loaded and somewhat smaller transaction table, than which way will be better from performance point of view from above three. (1. Use of JOIN, 2. Use of IN, 3. Use of EXISTS)
  Please help me get solutions to these confusions..
  Thanks and Regards,
  Dipali..

  Dipali,
  First, I posted the links with my name only, I don;t know how did you pick another handle for addressing it?Never mind that.
  >
  Now another confusion I got.. I read that even if we used EXISTS and , CBO feels (from statistics and all his analysis) that using IN would be more efficient, than it will rewrite the query. My confusion is that, If CBO is smart enough to rewrite the query in its most efficient form, Is there any scope/need for a Developer/DBA to do SQL/Query tuning? Does this means that now , developer need not to work hard to write query in best menner, instade just what he needs to do is to write the query which resluts the data required by him..? Does this now mean that now no eperts are required for SQL tuning?
  >
  Where did you read that?Its good to see the reference which says this.I haven't come across any such thing where CBO will rewrite the query like this. Have a look at the following query.What we want to do is to get the list of all teh departments which have atleast one employee working in it.So how would be we write this query? Theremay be many ways.One,out of them is to use distinct.Let's see how it works,
  SQL> select * from V$version;
  BANNER
  Oracle Database 11g Enterprise Edition Release 11.1.0.6.0 - Production
  PL/SQL Release 11.1.0.6.0 - Production
  CORE    11.1.0.6.0      Production
  TNS for 32-bit Windows: Version 11.1.0.6.0 - Production
  NLSRTL Version 11.1.0.6.0 - Production
  SQL> set timing on
  SQL> set autot trace exp
  SQL> SELECT distinct  D.deptno, D.dname
    2        FROM     scott.dept D,scott.emp E
    3  where e.deptno=d.deptno
    4  order by d.deptno;
  Elapsed: 00:00:00.12
  Execution Plan
  Plan hash value: 925733878
  | Id  | Operation                     | Name    | Rows  | Bytes | Cost (%CPU)| T
  ime     |
  |   0 | SELECT STATEMENT              |         |     9 |   144 |     7  (29)| 0
  0:00:01 |
  |   1 |  SORT UNIQUE                  |         |     9 |   144 |     7  (29)| 0
  0:00:01 |
  |   2 |   MERGE JOIN                  |         |    14 |   224 |     6  (17)| 0
  0:00:01 |
  |   3 |    TABLE ACCESS BY INDEX ROWID| DEPT    |     4 |    52 |     2   (0)| 0
  0:00:01 |
  |   4 |     INDEX FULL SCAN           | PK_DEPT |     4 |       |     1   (0)| 0
  0:00:01 |
  |*  5 |    SORT JOIN                  |         |    14 |    42 |     4  (25)| 0
  0:00:01 |
  |   6 |     TABLE ACCESS FULL         | EMP     |    14 |    42 |     3   (0)| 0
  0:00:01 |
  Predicate Information (identified by operation id):
     5 - access("E"."DEPTNO"="D"."DEPTNO")
         filter("E"."DEPTNO"="D"."DEPTNO")
  SQL>
  SQL> SELECT distinct  D.deptno, D.dname
    2        FROM     scott.dept D,scott.emp E
    3  where e.deptno=d.deptno
    4  order by d.deptno;
      DEPTNO DNAME
          10 ACCOUNTING
          20 RESEARCH
          30 SALES
  Elapsed: 00:00:00.04
  SQL>So CBO did what we asked it do so.It made a full sort merge join.Now there is nothing wrong in it.There is no intelligence added by CBO to it.So now what, the query looks okay isn't it.If the answer is yes than let's finish the talk here.If no than we proceed further.
  We deliberately used the term "atleast" here.This would govern that we are not looking for entirely matching both the sources, emp and dept.Any matching result should solve our query's result.So , with "our knowledge" , we know that Exist can do that.Let's write teh query by it and see,
  SQL> SELECT   D.deptno, D.dname
    2        FROM     scott.dept D
    3          WHERE    EXISTS
    4                 (SELECT 1
    5                  FROM   scott.emp E
    6                  WHERE  E.deptno = D.deptno)
    7        ORDER BY D.deptno;
      DEPTNO DNAME
          10 ACCOUNTING
          20 RESEARCH
          30 SALES
  Elapsed: 00:00:00.00
  SQL>Wow, that's same but there is a small difference in the timing.Note that I did run the query several times to elliminate the physical reads and recursive calls to effect the demo. So its the same result, let's see the plan.
  SQL> SELECT   D.deptno, D.dname
    2        FROM     scott.dept D
    3          WHERE    EXISTS
    4                 (SELECT 1
    5                  FROM   scott.emp E
    6                  WHERE  E.deptno = D.deptno)
    7        ORDER BY D.deptno;
  Elapsed: 00:00:00.00
  Execution Plan
  Plan hash value: 1090737117
  | Id  | Operation                    | Name    | Rows  | Bytes | Cost (%CPU)| Ti
  me     |
  |   0 | SELECT STATEMENT             |         |     3 |    48 |     6  (17)| 00
  :00:01 |
  |   1 |  MERGE JOIN SEMI             |         |     3 |    48 |     6  (17)| 00
  :00:01 |
  |   2 |   TABLE ACCESS BY INDEX ROWID| DEPT    |     4 |    52 |     2   (0)| 00
  :00:01 |
  |   3 |    INDEX FULL SCAN           | PK_DEPT |     4 |       |     1   (0)| 00
  :00:01 |
  |*  4 |   SORT UNIQUE                |         |    14 |    42 |     4  (25)| 00
  :00:01 |
  |   5 |    TABLE ACCESS FULL         | EMP     |    14 |    42 |     3   (0)| 00
  :00:01 |
  Predicate Information (identified by operation id):
     4 - access("E"."DEPTNO"="D"."DEPTNO")
         filter("E"."DEPTNO"="D"."DEPTNO")Can you see a keyword called Semi here? This means that Oralce did make an equi join but not complete.Compare the bytes/rows returned from this as well as cost with the first query.Can you notice the difference?
  So what do we get from all this?You asked that if CBO becomes so smart, won't we need developers/dbas at that time?The answer is , what one wants to be, a monkey or an astranaut? Confused,read this,
  http://www.method-r.com/downloads/doc_download/6-the-oracle-advisors-from-a-different-perspective-karen-morton
  So it won't matter how much CBO would become intelligent, there will be still limitations to where it can go, what it can do.There will always be a need for a human to look all the automations.Rememember even the most sofisticated system needs some button to be pressed to get it on which is done by a human hand's finger ;-).
  Happy new year!
  HTH
  Aman....

• RAC with ASM and without ASM

  Hi all,
  we planing to install RAC 11g instance active/active . and we are using SAN storage RAID 10.
  I know ASM is nice feature . but it need more maintenance in future . This is what I see
  it from Manual and training . for patching ..... because it maintain as instance.
  why I do need ASM since I have SAN and I can control mirroring ...etc
  I need sold answer here ?? why I need to use this feature that already can be covered using another facility like SAN.
  Best Regards,

  What I have found in a RAC world is there is maintenance no matter which way you go, A cluster file system will require upgrades, patches, etc. RAW volumes will require extra effort in allocation, etc. as well as increase the number of files in the database. ASM requires additional instance on each node to maintain which is quite simple and rolling patches in ASM is becoming reality slowly. I have found that removing the management of RAW volumes is more trouble then the maintenance of the ASM instances and the added benefits of ASM outweigh the maintenance for sure. I found that the cluster file system mainteance is pretty well a wash.
  As for ASM being widely used, the most recent RAC clusters (last 3) I have built have all been ASM....... 1 on HPUX and 2 on Linux (Red Hat and Oracle Enterprise Linux) and future clusters coming up that I know of are all going to be ASM as well. While it may be true that a lot of existing RAC environments have not yet gone to ASM almost all new RAC environments are. It is certainly taking hold. If you look at the effort on a large database to move to ASM from RAW volumes or cluster file system it can appear to be a lot of work and that is true, but in the long run my experience with ASM has been positive therefore I would not hesitate to recommend new RAC clusters be built with ASM and existing clusters should have a migration plan in place. As with some cluster file systems like veritas, GPFS, etc. There is addtional cost involved where ASM does not have the additional cost so moving existing clusters can save $$........ RAM volumne management may not fall on the DBA but someone has to manage all those volumnes at a SAN level and that is additional management just may not really be with the DBA.
  Just my additional 2 cents worth.
  Hope this helps.

• Haven't been able to use pages for a while.  Keep getting following message.  Have tried reinstalling iWork, but no luck.  Same problems with Keynote and Numbers/Users/scottmcdonald/Desktop/Screen Shot 2012-03-14 at 9.39.52 PM.png

  Haven't been able to use pages for a while.  Keep getting following message.  Have tried reinstalling iWork, but no luck.  Same problems with Keynote and Numbers/

  Have you moved Pages from its installed location? Or just dragged a copy to your current system?
  It can't find some of its resources apparently.
  Peter

• TS1398 Got the dreaded no wifi on my wife's iPhone 4S. Wifi greyed out and no luck with the reset network instructions. Why isn't Apple addressing this issue? We are a family of Apple product users, 2 ipads, an ipad mini, 4 iPhones but one isn't working!

  Got the dreaded no wifi on my wife's iPhone 4S. Wifi greyed out and no luck with the reset network instructions. Why isn't Apple addressing this issue? We are a family of Apple product users, 2 ipads, an ipad mini, 4 iPhones but one isn't working! Issue began whenwe upgraded the operating system.....
  Come on Apple.....get this issue sorted out!

  Just out of warranty. This is a software issue. everything was ok until the software update. Apple just need to sort it out.

• Compability problem with Java and Python  RSA algorithm implementation

  I have client server application. Server is writtein in python, client in java. Client receives messages from server encrypted with RSA (http://stuvel.eu/rsa), and I'm unable to decrypt it. It seems that this is RSA algorithm compatibility problem. I'm using algorithm from java.security package, instatinating Cipher object like this: c = Cipher.getInstance("RSA"); . I noticed that this algorithm produces for input blocks of lengtrh <=117 ouput block of length 128. Server I guess uses the most triviall impelentation of RSA ( (1 byte is encrypted to 1 byte) So i want to make my java algorithm compatibile with this one which server uses. How to do that ? Do i have to instatinate Cipher object in different way ? Or use another library ?

  azedor wrote:
  First you said it was no good because it could only handle <= 117 byte inputs, now you say it is no good because it produces a 128-byte output. You're not making sense.First i said that this two RSA implementations are not compatibile, and first reason i noticed firstly is that Python imlementation for input of length N produces cryptogram of the same length. Not true. In general, the RSA encryption of any number of bytes less than the length of the modulus will produce a result of length near that of the modulus. When N is less than the length of the modulus, it is rare that N bytes of cleartext produces N bytes of ciphertext.
  Java implementation for data block of length <=117 produces alwasy 128 bytes of output.Pretty much correct and very much desirable. This is primarily a function of the PKCS1 padding which is used to solve two basic problems. First, as I alluded to in my first response, it is the nature of the algorithm that leading zeros are not preserved and second when the cleartext is very small (a few bytes) the exponentiation does not roll over and it is easy to decrypt the result. Both these problems are addressed by PKCS1 padding.
  >
  >
  After what sabre150 said i think of giving up idea of translating Python code to Java and considering to use another assymetric cryptography algorithms on both sides. Can you recommend me sth what should be compatibile with Python ?This seems to be at odds with your statement in reply #3 "Also have acces only to client code so i have to change sth in java." ! This statement is why I said "I suspect ... you have dug a deep hole".
  In your position I would use the Python bindings for openssl. Once more, Google is your friend.