> If you haven't wrapped the OpenSSL struct(s) with your own and you want to
> remember something(s) about an SSL connection, that's what
> SSL_{set,get}_ex_data are for.
Yes, thanks. I might do that if there's no other option, but a EC_get_NID
seems a reasonable thing to want and, if I read S
> From: owner-openssl-us...@openssl.org On Behalf Of Salz, Rich
> Sent: Monday, 17 December, 2012 12:45
> Thanks for the detailed response, Dave.
>
> > As the authenticator you know your own cert already. As the
> verifier you can get the cert and look at it.
> > ... You should be able to know w
Thanks for the detailed response, Dave.
> As the authenticator you know your own cert already. As the verifier you can
> get the cert and look at it.
> ... You should be able to know what you configured.
In general, yes. But in the context of a large proxy server fronting hundreds
of servers an
> From: owner-openssl-us...@openssl.org On Behalf Of Salz, Rich
> Sent: Monday, 17 December, 2012 00:01
> >Can you be a bit more specific about what you mean by "being
> used"? By default OpenSSL can use any built in ECC curve
> though it can be limited in range by those of the peer.
>
To be mo
>Can you be a bit more specific about what you mean by "being used"? By default
>OpenSSL can use any built in ECC curve though it can be limited in range by
>those of the peer.
>Support for retrieving the curves used is very limited in released versions of
>OpenSSL. This has been addressed in H
On Tue, Dec 11, 2012, Salz, Rich wrote:
> Can I determine which of the built-in ECC curves are being used, just by
> looking at the SSL structure? Tnx.
>
Can you be a bit more specific about what you mean by "being used"? By default
OpenSSL can use any built in ECC curve though it can be limit
Can I determine which of the built-in ECC curves are being used, just by
looking at the SSL structure? Tnx.
/r$
--
Principal Security Engineer
Akamai Technology
Cambridge, MA