Hello, regarding http://httpd.apache.org/docs/2.2/mod/mod_ssl.html there seem to be different ways to enable ephemeral keying by using SSLCipherSuite in the mod_ssl config.
If I specify kEDH for the kex algorithm, does it mean that the key exchange is not integrity protected by using RSA/DSA (b/c the description states "no cert.")? So, if I want ephemeral keying with integrity protection, do I have to use: a.) SSLCipherSuite kDHr:kDHd:... or b.) SSLCipherSuite kEDH:EDH or something else? Thanks for your help. Thomas ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager majord...@modssl.org
