Kenneth Mutka <[EMAIL PROTECTED]> writes:
> > Neither Netcape 4.7 nor IE 5 supports DH key exchange. It is not
> > required by SSLv3.
>
> If they don't support it, what browsers does?
> I would like to run Anonymous Diffie-Hellman aswell.
As I said in my previous mail, IE 5 Under Win2K supports
DSS/DH.
It does not, however, as far as I know, support anonymous
DH.
Once again, using anonymous DH is a really terrible idea.
It leaves you completely open to active attack.
-Ekr
--
[Eric Rescorla [EMAIL PROTECTED]]
PureTLS - free SSLv3/TLS software for Java
http://www.rtfm.com/puretls/
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
