David Murphy <[EMAIL PROTECTED]>:
> 1. We have been told that we need a DSA (not RSA) certificate when
> [using] Diffie Hellman.
Not true. If you want to use Diffie-Hellman to avoid the patented RSA
algorithms, then obviously you cannot use RSA (leaving only DSA for
the certificates because DH certificates are merely a rumor); but
if you want to use DH ciphersuites to get forward secrecy, you could
just as well use RSA-based ones.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
