SSL_new ?
If you want any more information in order to answer the above questions,
please do ask me.
Thanks,
~ Urjit
- Original Message -
From: Kyle Hamilton [EMAIL PROTECTED]
To: openssl-users@openssl.org
Sent: Thursday, February 02, 2006 9:37 PM
Subject: Re: Can I have SSL for peer
cipher:[EDH-RSA-DES-CBC3-SHA],version:[TLSv1/SSLv3]
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Urjit Gokhale
Sent: Wednesday, February 08, 2006 11:07 AM
To: openssl-users@openssl.org
Subject: Re: Can I have SSL for peer authentication only
On Tue, Jan 24, 2006 at 06:44:30PM +0530, Urjit Gokhale wrote:
Hi all,
I am planning to use SSL for the communication between my client and
server. The idea is to use SSL *mainly* for peer authentication and
validation (Both server and client authentication by means of
certificates).
On 2/2/06, Katie Lucas [EMAIL PROTECTED] wrote:
On Tue, Jan 24, 2006 at 06:44:30PM +0530, Urjit Gokhale wrote:
Hi all,
I am planning to use SSL for the communication between my client and
server. The idea is to use SSL *mainly* for peer authentication and
validation (Both server and
1) Is it possible to use SSL only for the sake of peer
authentication + validation and transfer un-encrypted data over this
channel ?
How about; you open the sockets using your socket level
interface. Then you attach SSL constructs to both ends, but with the
don't close this option.
On Thu, Feb 02, 2006 at 05:09:42PM +0100, Alain Damiral wrote:
1) Is it possible to use SSL only for the sake of peer
authentication + validation and transfer un-encrypted data over this
channel ?
How about; you open the sockets using your socket level
interface. Then you attach
Katie Lucas wrote:
On Thu, Feb 02, 2006 at 05:09:42PM +0100, Alain Damiral wrote:
But with no cryptographic digest you have no guarantee that the data you
receive provides from the person who showed his certificate. I think it
would be vulnerable to a man in the middle type of attack.
Brief primer on SSL/TLS:
1) Server has a public and private key pair. Optionally, the client
has a public and private key pair. Any public key is authenticated by
a 'certificate', which is a set of data attached to the public key,
the entirety of which has a hash encrypted by the private key of
Kyle Hamilton wrote:
In France (unless the laws have changed) it's illegal to use
cryptography to encrypt data payload, but not illegal to use
cryptography as a means of identification. This is, if I understand
Netscape's and the IETF's motives correctly, the only reason why the
NULL cipher
Hi all,
I am planning to use SSL for the communication
between my client and server. The idea is to use SSL *mainly* for peer
authentication and validation (Both server and client authentication by means of
certificates). Regarding the data encryption, I would like to have it as an
Hi and welcome,
I haven't thought hardly about what you're trying to do but my first
intuition tells me that encryption also has some part to play in
authentication that you're missing. My knowledge of SSL is limited but I
think it is safe to say that private/public key (assymetric)
Urjit Gokhale wrote:
Hi all,
I am planning to use SSL for the communication between my client and
server. The idea is to use SSL *mainly* for peer authentication and
validation (Both server and client authentication by means of
certificates). Regarding the data encryption, I would like to
Bernhard Froehlich wrote:
Maybe this would be possible using the NULL cipher combined with DH
authentication...
(The official NULL cipher suites use RSA authentication.) The answer to
the first question of the OP is yes, use a NULL cipher suite.
But if your problem is only performance I
13 matches
Mail list logo
