Thanks for answering. The ADH ciphers is a little above my head right now though. ;-)
As for the approach I'm sketching, I was under the impression that SSL could function as easy as that, where the server has got a self-signed certificate with a public and secret key, and then whatever client, with a certificate on their own, could connect to the server with SSL and get an encrypted connection. Am I wrong? Also, is my model naive considering this: At the server side I don't care that any client can connect. Whoever connects still has to supply a username/password that is matched with a back-end database to grant them access to the service. As for the client side, all servers will reside within our network, and the clients will connect to our IP-numbers (not domain names). Either they trust us when we hand them an IP to connect to, or they don't. Is it still any need for certificates for authentication? Andreas ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]