On Tue, Feb 02, 2016 at 10:34:32PM +0100, Rainer Jung wrote: > Hi there, > > reading the last advisory again, I noticed, that there's one logical > inconsistency. > > First: > > OpenSSL before 1.0.2f will reuse the key if: > ... > - Static DH ciphersuites are used. The key is part of the certificate and so > it will always reuse it. This is only supported in 1.0.2. > > > and then: > > It will not reuse the key for DHE ciphers suites if: > - SSL_OP_SINGLE_DH_USE is set > ... > > So what's the situation if both situations apply, static DH ciphersuites are > used and SSL_OP_SINGLE_DH_USE is set is set.
Note that it says DHE ciphers, excluding the DH ciphers. Kurt _______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
