RE: [users@httpd] A question on HTTPs protocol

Mon, 28 Jan 2008 08:44:30 -0800 

I just realised I actually meant to say:

 SSLProxyCipherSuite NULL

Of course, of course... a horse is a horse.
-ascs
 
-----Message d'origine-----
De : Axel-Stephane SMORGRAV 
Envoyé : lundi 28 janvier 2008 08:26
À : users@httpd.apache.org
Objet : RE: [EMAIL PROTECTED] A question on HTTPs protocol

You probably want to use

SSLCipherSuite NULL


$ openssl ciphers -v NULL       
AECDH-NULL-SHA          SSLv3 Kx=ECDH     Au=None Enc=None      Mac=SHA1
ECDHE-RSA-NULL-SHA      SSLv3 Kx=ECDH     Au=RSA  Enc=None      Mac=SHA1
ECDH-RSA-NULL-SHA       SSLv3 Kx=ECDH     Au=RSA  Enc=None      Mac=SHA1
ECDHE-ECDSA-NULL-SHA    SSLv3 Kx=ECDH     Au=ECDSA Enc=None      Mac=SHA1
ECDH-ECDSA-NULL-SHA     SSLv3 Kx=ECDH     Au=ECDSA Enc=None      Mac=SHA1
NULL-SHA                SSLv3 Kx=RSA      Au=RSA  Enc=None      Mac=SHA1
NULL-MD5                SSLv3 Kx=RSA      Au=RSA  Enc=None      Mac=MD5  


-ascs
Disclaimer: I am not an SSL expert :-)

-----Message d'origine-----
De : Qingshan Xie [mailto:[EMAIL PROTECTED] Envoyé : lundi 28 janvier 2008 
07:09 À : users@httpd.apache.org Objet : [EMAIL PROTECTED] A question on HTTPs 
protocol

This maybe a little crazy or sounds silly.  We have a reverse proxy talks to 
the backend Apache in SSL.  However for better performance we wonder if we can 
disable the request encryption and decryption but only ssl-handshake?   This 
pretty much like SSH pipe, once the trust-relation established, the pipe 
created, there is no need of encryption/decryption in data transaction.  Can 
SSL experts shed some light on it?

Many Thanks,
Q.Xie




      
____________________________________________________________________________________
Never miss a thing.  Make Yahoo your home page. 
http://www.yahoo.com/r/hs

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to