>From my initial reading of the spec (RFC 4279) and review of the code, it >appears that both PSK and RSA-style key exchanges can exist in both server and >client. That is:
- A server can register the PSK callbacks, identities, and keypair and talk to clients using the PSK and RSA key exchange. - A client can talk register the PSK callbacks and identities, and will be able to connect to both PSK and RSA servers And of course a client or server that registers only one set can only talk to a server or client with the right algorithm. Anyone doing this? Anyone aware of any special gotcha's or concerns? Tnx. /r$ -- Principal Security Engineer Akamai Technology Cambridge, MA