No, I am not aware of such a CA, but I haven't had too much dealing
with CAs either.

For research purposes, I think it might be appropriate to offer one or
a couple anonymous DH cipher suites.  For example, if I want to measure
the latency overhead of running something over TLS (or a modification
of it), I might want to measure this latency with no certificates being
exchanged.  In this case, I would be relying on anonymous DH for key
exchange, right?  (Let's suppose I don't want to use Fortezza).

This is probably a special (and not very common) case why such a cipher
suite would be demanded.  But I agree that, even if provided, it
shouldn't be used in production applications.

I am not quite sure how much overhead ephemeral DH adds over the
ordinary DH.


mozilla-crypto mailing list

Reply via email to