Re: SSL/TLS encryption algorithms

Viktor Dukhovni Fri, 01 Nov 2013 15:17:04 -0700

> >     $ openssl ciphers -v DHE-RSA-CAMELLIA256-SHA
> >     DHE-RSA-CAMELLIA256-SHA SSLv3 Kx=DH       Au=RSA  Enc=Camellia(256) 
> > Mac=SHA1
> >
> >     $ openssl ciphers -v AES128-SHA256
> >     AES128-SHA256           TLSv1.2 Kx=RSA      Au=RSA  Enc=AES(128)  
> > Mac=SHA256
> >
> >Does your application need to perform faster, offer forward-secrecy, be
> >most interoperable, ... ?
> 
> these was the result of using 2 different browsers with the same SSL
> website ...
> (1) an old firefox
> (2) the latest IE - IE11 on Win 8.1
> 
> https://ssl.mathemainzel.info/info/
> you can try your browser ...
> 
> how would I define forward-secrecy on Apache webserver?


If the server negotiated both ciphers, it already supports
forward-secrecy (aka PFS) if the client does too.

-- 
        Viktor.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org

Re: SSL/TLS encryption algorithms

Reply via email to