Hi Dave, >I'm guessing ADH means Anonymous Diffie Hellman, right? and AES256 is the AES encryption cipher w/ a 256 bit cipher key? Right
TLS cipher suites are defined in RFC5246. They defines the Key exchange algorithm, the symmetric encryption, and the hash function. Example: TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA Key exchange is DHE authenticated with DSS RC4 is the symmetric encryption SHA is the hash function. >What is DHE_DSS vs. DHE_RSA and things like that? DHE should be authenticated, with RSA- or DSS-based certificates (or preshared keys-see RFC4279)) >Can anybody point me to where these are defined? Most of them are defined in RFC 5246 >Is there any benefit of one over the other? for PFS, usually we use DHE, but DH is more expensive (execution time) than RSA Best regards, Badra
