On 9/15/2011 5:21 AM, Dave Thompson wrote:
In the past, this fact has caused common SSL clients (browsers etc.)
to regularly turn off older ciphersuites to protect against false
servers that deliberately downgrade to weak protocol versions and
ciphersuites, whenever such an attack became too easy
> From: owner-openssl-us...@openssl.org On Behalf Of Jakob Bohm
> Sent: Tuesday, 13 September, 2011 07:33
> On 9/13/2011 1:46 AM, Dave Thompson wrote:
> >> From: owner-openssl-us...@openssl.org On Behalf Of Jakob Bohm
> >> Sent: Monday, 12 September, 2011 03:52
> >> On 9/9/2011 10:13 PM, krishnamu
On 9/13/2011 1:46 AM, Dave Thompson wrote:
From: owner-openssl-us...@openssl.org On Behalf Of Jakob Bohm
Sent: Monday, 12 September, 2011 03:52
On 9/9/2011 10:13 PM, krishnamurthy santhanam wrote:
The normal way to do this is:
1. On the side running openssl, just let openssl handle the
entir
> From: owner-openssl-us...@openssl.org On Behalf Of Jakob Bohm
> Sent: Monday, 12 September, 2011 03:52
> On 9/9/2011 10:13 PM, krishnamurthy santhanam wrote:
> The normal way to do this is:
>
> 1. On the side running openssl, just let openssl handle the
> entire process,
> including any AES
On 9/9/2011 10:13 PM, krishnamurthy santhanam wrote:
I am implementing SSL on server side to authenticate the client
certificate(X.509) and also client will authenticate the servers
certificate(X.509). Once the mutual authentication has completed server has
to generate AES key for encryption
I am implementing SSL on server side to authenticate the client
certificate(X.509) and also client will authenticate the servers
certificate(X.509). Once the mutual authentication has completed server has
to generate AES key for encryption and decryption.
In server side I am creating 256 bi
