Hi,
I am working on an application that is both a client and a server. The
DH prime is stored in the binary for the server. Since the Server will
exists inside the Client is there a considerable risk of embedding the
DH p into the code? The alternative is to have the Server generate a
Julian schrieb:
Hi,
I am working on an application that is both a client and a server. The
DH prime is stored in the binary for the server. Since the Server will
exists inside the Client is there a considerable risk of embedding the
DH p into the code? The alternative is to have the Server
Bernhard Froehlich wrote:
Julian schrieb:
Hi,
I am working on an application that is both a client and a server. The
DH prime is stored in the binary for the server. Since the Server will
exists inside the Client is there a considerable risk of embedding the
DH p into the code? The
My fear is that get a hold of P will allow for someone else to use it
to start a protocol disassembly. For instance anyone could create a
DHE-RSA-AES256-SHA TLS server and use P to listen for connections, of
course if would have to have a cert signed by CA to proceed even if
they have P.
Julian wrote:
My fear is that get a hold of P will allow for someone else to use it to
start a protocol disassembly. For instance anyone could create a
DHE-RSA-AES256-SHA TLS server and use P to listen for connections, of
course if would have to have a cert signed by CA to proceed even if they
Thanks jb that clears up a lot.
j
On Apr 14, 2008, at 6:14 AM, jimmy bahuleyan wrote:
Julian wrote:
My fear is that get a hold of P will allow for someone else to use
it to start a protocol disassembly. For instance anyone could
create a DHE-RSA-AES256-SHA TLS server and use P to listen
Julian wrote:
My fear is that get a hold of P will allow for someone else to use it to
start a protocol disassembly. For instance anyone could create a
DHE-RSA-AES256-SHA TLS server and use P to listen for connections, of
course if would have to have a cert signed by CA to proceed even if they