On Sat, Apr 21, 2007 at 07:45:24AM -0700, Edward Chan wrote:

> Excuse my ignorance, but isn't TLS a protocol, whereas DH an algorithm?

Exactly, so the protocol has known on-the-wire characteristics, but the
algorithm is a building block, and you have to build the protocol yourself,
and in some rare cases this is justified, but in most cases one is better
off using a fielded protocol. I am curious why you need to build your own
protocol...

> Even if TLS is used, if it does a DH key exchange, I think I would still
> have the same interop problems.

But it does use DH, and does not have the problem you observe.

> I'm basically testing interop of different crypto libs.

You are not testing library inter-operability, you are testing
inter-operability of your glue code, which is wrapped in a non
interoperable way, around multiple implementations of the same
algorithm, that all yield the same logical result, but use
different internal result layouts.

To test library interoperability, test TLS or S/MIME, which are
*protocols* implemented by the libraries.
--
Viktor.
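
An added illustration, not part of the original message and not code from OpenSSL or any other library, of the point above: two DH implementations can agree on the logical result while returning it in different byte layouts, so glue code that compares or hashes the raw bytes fails intermittently. The toy group, the key derivation and the two "library" layouts are assumptions made for the example.

```python
import hashlib

# Toy group for illustration only (assumption): 2**127 - 1 is prime, g = 3.
# Real deployments use standardized groups of 2048 bits or more.
P = 2**127 - 1
G = 3
P_LEN = (P.bit_length() + 7) // 8  # 16 bytes


def private_key(label: str) -> int:
    """Deterministic constructed private key so the demo is repeatable."""
    h = hashlib.sha256(label.encode()).digest()
    return int.from_bytes(h, "big") % (P - 2) + 1


def shared_secret(my_priv: int, peer_pub: int) -> int:
    return pow(peer_pub, my_priv, P)


def layout_minimal(z: int) -> bytes:
    """Hypothetical library A: big-endian, leading zero bytes stripped."""
    return z.to_bytes((z.bit_length() + 7) // 8 or 1, "big")


def layout_fixed(z: int) -> bytes:
    """Hypothetical library B: big-endian, left-padded to the size of p."""
    return z.to_bytes(P_LEN, "big")


def normalize(raw: bytes) -> bytes:
    """What glue code must do: agree on one encoding before using the bytes."""
    return int.from_bytes(raw, "big").to_bytes(P_LEN, "big")


def run_exchanges(n: int = 4000):
    """Return (logical_mismatches, raw_byte_mismatches, mismatches_after_normalize)."""
    logical = raw = fixed = 0
    for i in range(n):
        a, b = private_key(f"alice-{i}"), private_key(f"bob-{i}")
        za = shared_secret(a, pow(G, b, P))  # Alice's side
        zb = shared_secret(b, pow(G, a, P))  # Bob's side
        logical += za != zb
        out_a, out_b = layout_minimal(za), layout_fixed(zb)
        raw += out_a != out_b
        fixed += normalize(out_a) != normalize(out_b)
    return logical, raw, fixed


if __name__ == "__main__":
    print(run_exchanges())
```

The raw-byte mismatches appear only when the shared value happens to start with a zero byte, which is why this kind of glue-code bug shows up as an occasional failure rather than a constant one.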