--- On Thu, 5/15/08, Chris Clark <[EMAIL PROTECTED]> wrote:
> From: Chris Clark <[EMAIL PROTECTED]>
> Subject: Re: RC4-MD5 cipher suites rep;acement
> To: openssl-users@openssl.org
> Received: Thursday, May 15, 2008, 1:46 PM
> On 5/15/08, PoWah Wong <[EMAIL PROTECTED]> wrote:
> > Use TLS_RSA_WITH_AES_256_CBC_SHA
> (AES256-SHA) to replace SSL_RSA_WITH_RC4_128_MD5 (RC4-MD5)
> > and TLS_DH_anon_WITH_AES_256_CBC_SHA (ADH-AES256-SHA)
> to replace
> > SSL_DH_anon_WITH_RC4_128_MD5 (ADH-RC4-MD5), right?
>
> I'm not clear on what your goal is, but if you are
> writing both the
> client and server applications that communicate only with
> each other
> then you would be fine supporting only specific cipher
> suites such as
> AES, but if you are writing only one end of it (client or
> server),
> then be aware that AES is not compatible with RC4, so your
> application
> would need to support at least one of the cipher suites
> which the
> other end requires.
>
> In the later case, if your application supports both AES
> and RC4, and
> if the other end supports AES the SSL handshake negotiation
> will
> select the better cipher AES, and if the other end only
> supports RC4
> then it will be selected instead.
>
> -Chris
> ______________________________________________________________________
I am writing both the client and server applications that communicate only with
each other.
However, I need to allow the users to use either one of the existing client and
server applications. i.e. the users can upgrade either the client or server or
both to use AES. Therefore the new client or server will support AES first,
then RC4 second.
__________________________________________________________________
Ask a question on any topic and get answers from real people. Go to Yahoo!
Answers and share what you know at http://ca.answers.yahoo.com
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
