Re: DHE_DSS

Ben Laurie Fri, 23 Apr 1999 08:34:38 -0700
Buchs Christian wrote:
> 
> Hi,
> 
> In his message
> http://www.mail-archive.com/openssl-users@openssl.org/msg00298.html
> about DH Key Exchange, Bodo Moeller wrote:
> 
> > ... where RSA is
> > replaced by DSA (the specification calls those methods "DHE_DSS" and
> > "DH_DSS", unfortunately -- "DHE_DSA" etc. would make more sense).
> > I'm not sure if support for those is already completely available.
> 
> Does anybody knows if DHE_DSS is now available in the last versions of
> OpenSSL (using the command line tool openssl)? I have browsed the whole
> openssl-users database, but I haven't found an answer.
> 
> At least, DH Key Exchange wasn't available with OpenSSL 0.9.0a...
> (see the well done "FAQ: How to use SSLeay without RSA" on
> http://www.intertrader.com/library/SSLeay/no_rsa.cfm)
> 
> If DHE_DSS is now available, any CA example and
> certificate generation examples using the command line openssl
> would be welcomed. I use OpenSSL 0.9.1c.
> 
> Suggestion: in the readme file, the complete list of ciphersuites
> (with SSL or TLS spec notation would be clearer)
> that can be supported could be precised instead of giving the list
> of algorithms (not all combination are possible, right?).

ben@heap:~/work/openssl$ apps/openssl ciphers
EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DES-CBC3-SHA:IDEA-CBC-SHA:RC4-SHA:RC4-MD5:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DES-CBC-SHA:DES-CBC3-MD5:IDEA-CBC-MD5:RC2-CBC-MD5:RC4-MD5:RC4-64-MD5:DES-CBC-MD5:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DES-CBC-SHA:EXP-RC2-CBC-MD5:EXP-RC4-MD5:EXP-RC2-CBC-MD5:EXP-RC4-MD5

would, say, EDH-DSS-DES-CBC3-SHA be what you are looking for?

Cheers,

Ben.

--
http://www.apache-ssl.org/ben.html

"My grandfather once told me that there are two kinds of people: those
who work and those who take the credit. He told me to try to be in the
first group; there was less competition there."
     - Indira Gandhi
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
Re: DHE_DSS

Reply via email to
