Eric Rescorla <[EMAIL PROTECTED]> writes:
> "Larry Ellis" <[EMAIL PROTECTED]> writes:
>> I am trying to evaluate whether SSL (specifically openssl),
>> would be a suitable choice in securing my application.
>> I am having trouble finding the best combination of
>> algorithms and parameters that will serve my needs.
>> Here are the rules:
>>
>> 1. I'd like to have a key-pair only on the server.
> No problem, provided you don't care about the client's identity
> (or you're going to authenticate the client some other way).
>
>> 2. There is no authentication of either party (yes, I know this is not good).
> OpenSSL can do this but it's a terrible idea because it leaves you open
> to active attack.

Well, if having a certificate only on the server side eliminates this
risk, I suppose I need to reconsider the decision not to use them.

>> 3. Physical connections can be initiated by either side,
>> but, once again, only the server has a key pair.
> This is no problem PROVIDED that you don't care about authentication.
>> 4. I want to avoid all certificates if possible, but, at minimum,
>> restrict their usage to the server.
> If you're not going to authenticate your server then there's no
> need for certificates on either end.
>
>> It occurred to me that part of my problem could reduced if the SSL_connect
>> could be connection (one said connection is established). Is this true?
>>
>
> This sentence is unparseable.
>
> What are you trying to accomplish here?

Sorry, this portion was garbled (largely due to my error, no doubt). I hope
the following makes more sense:

It occurred to me that part of my problem could be reduced if the
SSL_connect could be issued from either side of the connection (once said
connection is physically established). Is this true? I thought it might be
helpful to reverse OpenSSL's internal notion of the initiator, if that is a
useful step in reaching the goals I've outlined.

I suppose my uncertainty lies in how certificate processing is affected by
which side issues the SSL_connect; I refer back to my comment that sometimes
the socket-layer connect must be issued by the server end of the connection.
I know the connector is not usually referred to as the server, so, if it
helps, let's call it the side of the connection with the certificate.

My primary problem is trying to determine which combination of context calls
and settings are required to accomplish all of this. There is a wide variety
of OpenSSL API calls available, not all of which are documented to the extent
that I can understand (at this point) what they do.

And, since you've taken the time to respond, let me thank you for your
excellent book on SSL; it's been a great help.

Larry Ellis
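The role question above, as an added example that is not from this thread or from OpenSSL: Go's crypto/tls wraps an already-connected net.Conn with tls.Server or tls.Client, the same split OpenSSL makes when an application calls SSL_set_fd on a socket it opened itself and then SSL_accept on the side holding the key pair and SSL_connect on the other, whichever side did the TCP connect. The code assumes an in-memory net.Pipe in place of the socket, a constructed self-signed certificate, and the hypothetical names keyed-side.example, selfSignedCert and handshakeRoles; the pin=false path is rule 2 from the thread, and the pin=true path (the unkeyed side trusting exactly the keyed side's certificate) is what closes the active-attack exposure Eric describes.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"math/big"
	"net"
	"time"
)

// selfSignedCert: throw-away key pair and certificate for the keyed side (constructed for this example).
func selfSignedCert() (tls.Certificate, *x509.Certificate) {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), DNSNames: []string{"keyed-side.example"},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour)}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	leaf, _ := x509.ParseCertificate(der)
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key, Leaf: leaf}, leaf
}

// handshakeRoles runs a TLS handshake over an already-open transport: the end that
// "dialed" (c1) holds the key pair and takes the server role, the end that "accepted"
// takes the client role. pin=false is the thread's "no authentication" setting.
func handshakeRoles(pin bool) (version uint16, clientCertSeen bool, err error) {
	cert, leaf := selfSignedCert()
	c1, c2 := net.Pipe() // in-memory stand-in for a socket opened by either side
	defer c1.Close()
	defer c2.Close()
	keyed := tls.Server(c1, &tls.Config{Certificates: []tls.Certificate{cert},
		SessionTicketsDisabled: true}) // no post-handshake writes on the unbuffered pipe
	done := make(chan error, 1)
	go func() { done <- keyed.Handshake() }()
	ccfg := &tls.Config{ServerName: "keyed-side.example", RootCAs: x509.NewCertPool()}
	if pin { // trust exactly this certificate, obtained out of band
		ccfg.RootCAs.AddCert(leaf)
	} else { // any active attacker can stand in for the keyed side
		ccfg.InsecureSkipVerify = true
	}
	if err = tls.Client(c2, ccfg).Handshake(); err != nil {
		return 0, false, err
	}
	if err = <-done; err != nil {
		return 0, false, err
	}
	st := keyed.ConnectionState()
	return st.Version, len(st.PeerCertificates) > 0, nil
}
```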