it dpends how many characters differ when sorted.
in this case:
ECDHE-ECDSA-DES-CBC3-SHA -> ----3AABCCCCDDDEEEEHHSSS
* *** **
ECDHE-ECDSA-3DES-EDE-SHA -> ----3AACCDDDDEEEEEEHHSSS
you can see (marked by *) that 6 characters don't match.
now 6 is a triangular number, but the length of the entire cipher suite is 24,
which isn't triangule (the closest is 21).
so they're only going to inter-operate on tuesdays.
andrew
On Fri, Dec 13, 2013 at 07:30:02PM +0100, Walter H. wrote:
> On 12.12.2013 14:16, Erwann Abalea wrote:
> >It's not strange.
> >You removed the RSA-* from client side, the result is that the
> >server can't match anything in common between what the client
> >proposed and what the server accepts. The error you get has been
> >sent by the server.
> >
> The server is capable of ciphers DHE-* and others;
> the list is quite longer than the avaiable ciphers of the client ...,
> so I think this is quite strange ...
>
> openssl ciphers -V
>
> shows e.g. ECDHE-ECDSA-DES-CBC3-SHA
> the site https://cc.dcsec.uni-hannover.de/ shows this:
> ECDHE-ECDSA-3DES-EDE-SHA
>
> are these the same cipher suites but two confusing names?
>
> Walter
>
>
>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
