Andrew Cooke wrote:
>
>
> Although my post, in retrospect sounded like eay is some kind of font of
> eternal knowledge, I meant just that since he wrote the thing, he could
> explain the design decisions.
>
> Anyway, I've now found the following two posts which shed light on the
> historic basis for support (or not) of DH:
>
> http://remus.prakinf.tu-ilmenau.de/ssl-users/archive25/0085.html
> http://remus.prakinf.tu-ilmenau.de/ssl-users/archive19/0160.html
>
I can vaguely recall seeing that at the time.
We can get equivalent "protection" by not enabling anon DH unless it is
specifically included in the cipher list: still disallowing it when a
user has declared some knowledge of it by explicitly stating they want
it is IMHO plain silly.
The DH referred to in the other message is PKCS#3 DH which, whereas the
only DH certificates are now X9.42 and still only present AFAIK in the
S/MIME v3 examples group. X9.42 solves some of the problems of PKCS#3 in
certificates but it is still awkward. X9.42 DH didn't exist at the time
of the message.
The honouring of X509v3 usage extensions BTW: I partially added that a
few weeks ago to the development release.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
