well..i took a quick look and the client chooses a premaster secret and the various keys are a function of it..doesnt look like theres any scope for a DH exchange..Maybe some of the experienced security pple can help
Sudharsan On 5/25/06, Sudharsan Rangarajan <[EMAIL PROTECTED]> wrote:
I must apologize for not being SSL specific..But it gives u a hint and u can take a look at the SSL specs and see what they allow. Sudharsan On 5/25/06, Sudharsan Rangarajan <[EMAIL PROTECTED]> wrote: > Im not sure if SSL gives u such options, but the best way to prevent > compromise of a RSA key would be to establish a diffie hellman key. > You would want to do a shared secret anyawy..and im sure SSL does > it..if the shared secret is computed using diffie hellman and nobody > gets hold of the exponents..u r safe > > Sudharsan > > On 5/25/06, Sreeram Kandallu <[EMAIL PROTECTED]> wrote: > > Hi All > > > > Is it possible to decrypt a recorded SSL session, if the attacker gains > > access to the RSA private keys at a later point in time? If yes, what > > would be the best way to avoid this? > > > > Thanks in Advance! > > Regards > > Sreeram > > > > > > > > >
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
