On Mon, Oct 23, 2017 at 6:47 PM, Kyle Hamilton wrote:
> Out of curiosity, what are the algorithm identifiers for X25519 and Ed25519?
>
The ones I am aware of are available in
http://tools.ietf.org/html/draft-josefsson-pkix-newcurves.
Jeff
--
openssl-users mailing list
To
Out of curiosity, what are the algorithm identifiers for X25519 and Ed25519?
-Kyle H
On Mon, Oct 23, 2017 at 3:24 PM, Jakob Bohm wrote:
> On 21/10/2017 15:38, Codarren Velvindron wrote:
>>
>> https://tls13.crypto.mozilla.org is using : The connection to this site is
>>
On 21/10/2017 15:38, Codarren Velvindron wrote:
https://tls13.crypto.mozilla.org is using : The connection to this
site is encrypted and authenticated using a strong protocol (TLS 1.3),
a strong key exchange (X25519), and a strong cipher (AES_128_GCM).
Using openssl standard tools is it
They are NOT using a 25519 certificate; it says “key exchange”
From: Codarren Velvindron <devild...@gmail.com>
Date: Saturday, October 21, 2017 at 9:38 AM
To: Rich Salz <rs...@akamai.com>, openssl-users <openssl-users@openssl.org>
Subject: Re: [openssl-users] Generating CSR
On Sat, Oct 21, 2017 at 9:38 AM, Codarren Velvindron
wrote:
> https://tls13.crypto.mozilla.org is using : The connection to this site is
> encrypted and authenticated using a strong protocol (TLS 1.3), a strong key
> exchange (X25519), and a strong cipher (AES_128_GCM).
https://tls13.crypto.mozilla.org is using : The connection to this site is
encrypted and authenticated using a strong protocol (TLS 1.3), a strong key
exchange (X25519), and a strong cipher (AES_128_GCM).
Using openssl standard tools is it possible to generate a CSR through
Ed25519 ?
--
* How would we be able to achieve this? I have read somewhere on a 2016
mail in the archives that it is an "encrypt-only" algorithm and that is not
possible.
X25519 is a key-exchange-only algorithm. Ed25519 is a signing algorithm.
Unlike classic RSA, the signing and the key exchange are
Errata: I meant private key
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Hello,
How would we be able to achieve this? I have read somewhere on a 2016 mail
in the archives that it is an "encrypt-only" algorithm and that is not
possible.
But I have found many sites on let's encrypt already using this.
Does anyone know how to do this?
Thanks,
Codarren
--