Hello, > > > Bulk encryption is generally fast enough (~50MB/s per CPU...) that you > > > saturate most network interfaces well before you run out of CPU. If you > > > have multiple Gigabyte interfaces, you can disable encryption (the eNULL > > > ciphersuite), but then you lose data-integrity > > You lose data encryption, but data integrity mechanism (MAC) > > is not dependent on encryption and may be used without it. > > great, so I can do full bi-directional authentication of server and client > cert but if someone insists on streaming performance being too slow > they can configure it so that I use eNULL without changing the rest of > the BIO operations. sounds nice if this is possible.
It is possible, good example you can find in Victor Duchovni post: http://www.nabble.com/Re%3A-Use-ssl-only-certification--p4364592.html (no encryption, data integrity with SHA) Best regards, -- Marek Marcola <[EMAIL PROTECTED]> ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
