amineh salehi <[EMAIL PROTECTED]> writes:

> at page 72 in rfc2246 :The following cipher specifications are carryovers
> from SSL Version 2.0. These are assumed to use RSA for key exchange and
> authentication. 
> my question was about this note.

The lines you quoted is at page 66 of RFC2246.
DH key exchange is not a part of SSL v2.0. The only defined
cipher suites in the SSL v2.0 standard [1] is the ones which are
listed as carryovers from SSL Version 2.0 in RFC2246. See
Appendix C.4 in the SSL V2.0 standard and Appendix E of RFC2246.

> Mr Tveit, pleas explain more for me about "signature be omitted entirely"
> in anonymous key exchange, or give me its reference. thank you for your
> attention.

The original published paper [2] is different from the revised
version [3]. Please read chapter 4.5 of both documents.

[1] http://wp.netscape.com/eng/security/SSL_2.html
[2] http://www.schneier.com/paper-ssl.pdf
[3] http://www.schneier.com/paper-ssl-revised.pdf

Regards,
-- 
Jostein Tveit <[EMAIL PROTECTED]>
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to