Jon Parry-McCulloch wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> OK, for my next question:
>
> Where are they specified?
>
> Jon
They are specified in the PKIX stuff which is now RFC 2459.
The DH specified in this RFC (X9.42) isn't quite the same as OpenSSL DH
which is largely PKCS#3.
The X9.42 flavour of DH is described in a draft, soon to be RFC, in the
IEFT S/MIME stuff.
Other stuff like how to generate certificate requests is still at the
draft stage.
OpenSSL doesn't (yet) support DH certificates and I've never seen an
example of one: repeated requests have so far turned up a blank.
Support could (and IMHO should) be added but I'd be happier if there was
an example to check we are "doing the right thing" first.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
