Re: cipher algorithms

2008-03-10 Thread Brian Trzupek
I can partially answer question #1. Yes, the client send the list of ciphers it supports to the server. The server will then pick the 'strongest' cipher from the list for negotiating the session. The priority is based on strength, best I can tell and differ between server implementations. F

RE: cipher algorithms

2008-03-05 Thread Marek . Marcola
Hello, > One last question, can an algorithm or cipher suite be enabled or disabled on OpenSSL by > an user (I mean, without needing to recompile and redistribute OpenSSL binaries)? Yes, from server or client point of view you can control this with SSL_CTX_set_cipher_list() function call. Best

RE: cipher algorithms

2008-03-05 Thread
Thanks very much! > -Original Message- > From: [EMAIL PROTECTED] [mailto:owner-openssl- > [EMAIL PROTECTED] On Behalf Of Shaw Graham George > Sent: quarta-feira, 5 de março de 2008 09:51 > To: openssl-users@openssl.org > Subject: RE: cipher algorithms > > > Su

RE: cipher algorithms

2008-03-05 Thread Shaw Graham George
Surely http://www.openssl.org/docs/ssl/SSL_CTX_set_cipher_list.html. G. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Baur, Mateus (Brazil R&D-CL) Sent: 05 March 2008 12:25 To: openssl-users@openssl.org Subject: RE: cipher algorithms Yes, I

RE: cipher algorithms

2008-03-05 Thread
that. Your answer reinforces that. Thanks, Mateus > -Original Message- > From: [EMAIL PROTECTED] [mailto:owner-openssl- > [EMAIL PROTECTED] On Behalf Of David Schwartz > Sent: quarta-feira, 5 de março de 2008 09:12 > To: openssl-users@openssl.org > Subject: RE:

RE: cipher algorithms

2008-03-05 Thread David Schwartz
> Thanks Marek! > > One last question, can an algorithm or cipher suite be enabled or > disabled on OpenSSL by an user (I mean, without needing to > recompile and redistribute OpenSSL binaries)? You can definitively disable an algorithm by not including it in the libraries. Most programs that use

RE: cipher algorithms

2008-03-05 Thread
t; [EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] > Sent: quarta-feira, 5 de março de 2008 05:51 > To: openssl-users@openssl.org > Subject: Re: cipher algorithms > > Hello, > > I have some doubts regarding OpenSSL cipher algorithms and I was > wondering if someone > > could

Re: cipher algorithms

2008-03-05 Thread Marek . Marcola
Hello, > I have some doubts regarding OpenSSL cipher algorithms and I was wondering if someone > could help me with that. > > 1) If my understanding is correct, the client sends the list of supported cipher > algorithms and the server will choose one algorithm of such list in order to