Dr. Steve Thank You very much for your help. I am OpenSSL to OpenSSL, so I can use ephemeral RSA keys.
Thank again TD -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dr. Stephen Henson Sent: Thursday, March 22, 2007 10:01 To: openssl-users@openssl.org Subject: Re: Root Certificates dir On Thu, Mar 22, 2007, Dinh, Thao V CIV NSWCDD, K72 wrote: > > I can not use temporary RSA keys because of: > > >Temporary RSA keys are only used in some export ciphersuites which > >are > now obsolete. The use of ephemeral > > RSA keys actually violates the standards in that particular > ciphersuite. > > > What else can I do to implement Ephemeral keying ??? Please help. I > have limited knowledge in this openssl. > Depends on what you want to interop with. If it is OpenSSL to OpenSSL then you could use ephemeral RSA keys (well you could the last time I tested it ages ago). If you want to interop with typical browsers then they'll probably choke due to the standard violation and you are SOL. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
