----- Original Message -----
From: "Kyle Hamilton" <aerow...@gmail.com>
To: <openssl-...@openssl.org>; "openssl-users" <openssl-users@openssl.org>
Sent: Thursday, October 11, 2012 3:08 AM
Subject: Re: top 10 mistakes when using libopenssl?

Suggestions from my experience:
- Failing to verify the certificate after calling SSL_accept()
- Failing to verify minimum cipher strength for the application
- Failing to understand that the NULL suites give nothing and only take extra bytes

eNULL suites provide authentication, they are not useless (as long as there is no requirement for secrecy). They can be used to ensure that data in transit does not get tampered with.
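An added example, not part of the original thread: a minimum-strength audit of a cipher string that reports eNULL suites separately from merely weak ones, since they still carry a MAC but give no secrecy. It uses Python's `ssl` module (a binding over OpenSSL) rather than the C API; `classify`, `audit`, `audit_cipher_string`, the 128-bit default and the sample entries are assumptions made for the illustration.

```python
import ssl

# Constructed entries in the shape ssl.SSLContext.get_ciphers() returns
# (only the keys used here). strength_bits is the value OpenSSL reports
# through SSL_CIPHER_get_bits().
SAMPLE_SUITES = [
    {"name": "ECDHE-RSA-AES256-GCM-SHA384", "strength_bits": 256},
    {"name": "DES-CBC3-SHA", "strength_bits": 112},
    {"name": "ECDHE-RSA-NULL-SHA", "strength_bits": 0},
]


def classify(suite, min_bits=128):
    """Return None if the suite meets policy, otherwise a reason string."""
    bits = suite["strength_bits"]
    if bits == 0:
        # eNULL: records are authenticated (MAC) but sent in the clear.
        return "no encryption (eNULL): integrity only, no secrecy"
    if bits < min_bits:
        return f"below minimum: {bits} < {min_bits} bits"
    return None


def audit(suites, min_bits=128):
    """Return (name, reason) for every suite that fails the policy."""
    findings = []
    for suite in suites:
        reason = classify(suite, min_bits)
        if reason is not None:
            findings.append((suite["name"], reason))
    return findings


def audit_cipher_string(cipher_string, min_bits=128):
    """Audit the suites the local OpenSSL build enables for cipher_string."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    try:
        ctx.set_ciphers(cipher_string)
    except ssl.SSLError as exc:
        # Raised when the string selects no usable suite in this build.
        raise ValueError(f"cipher string selects nothing: {exc}") from exc
    return audit(ctx.get_ciphers(), min_bits)


if __name__ == "__main__":
    for name, reason in audit(SAMPLE_SUITES):
        print(f"{name}: {reason}")
    print(audit_cipher_string("HIGH:!aNULL:!eNULL"))
```

On an established connection the same policy applies to the negotiated suite: `SSLSocket.cipher()` returns the bit count as its third element.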