On Thu, Mar 22, 2007, Dinh, Thao V CIV NSWCDD, K72 wrote: > > I can not use temporary RSA keys because of: > > >Temporary RSA keys are only used in some export ciphersuites which are > now obsolete. The use of ephemeral > > RSA keys actually violates the standards in that particular > ciphersuite. > > > What else can I do to implement Ephemeral keying ??? Please help. I have > limited knowledge in this openssl. >
Depends on what you want to interop with. If it is OpenSSL to OpenSSL then you could use ephemeral RSA keys (well you could the last time I tested it ages ago). If you want to interop with typical browsers then they'll probably choke due to the standard violation and you are SOL. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
