Hi,
I'm currently scanning what CipherSuite Openssl can do and measure the
performace.. But I did not succed in using any DH-cipher, because
the matching of what ciphers my program can do and the required cipher
does not work correctly.
I set for example ADH-DES-CBC3-SHA for client and server as the only
cipher to use, but ssl3_choose_cipher fails, because the algorithms & mask
fails: SSL_kDH is not available with the RSA certificate my programs
load by default.
As far as I know, anonymous DH does not need any kind of certificate, it
only uses random numbers for key exchange which imply that I'm not sure
to whom I'm speaking, but at least I know it will always be the same peer.
So, why cant I use those ADH and EDH cipher suites?
I hope there is somebody who can help,
cheers,
Joerg
==========================================================================
"Who the hell is General Failure, and why is he reading my harddisk ?"
==========================================================================
Joerg Bartholdt [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
