> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf
> Of Jakob Bohm
> Sent: Thursday, December 07, 2017 01:44
> >
> Actually in some of my code, I have found that the callback can
> still be useful by examining the SSL session argument to
> heuristically identify likely clien
On 06/12/2017 20:25, Michael Wojcik wrote:
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf
Of Viktor Dukhovni
Sent: Wednesday, December 06, 2017 13:21
On Dec 6, 2017, at 8:51 AM, Michael Wojcik
wrote:
Note: If you use OpenSSL 1.0.x and you use the DH parameter callb
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf
> Of Viktor Dukhovni
> Sent: Wednesday, December 06, 2017 13:21
>
> > On Dec 6, 2017, at 8:51 AM, Michael Wojcik
> wrote:
> >
> >
> > Note: If you use OpenSSL 1.0.x and you use the DH parameter callback, be
> > aware that
> On Dec 6, 2017, at 8:51 AM, Michael Wojcik
> wrote:
>
>
> Note: If you use OpenSSL 1.0.x and you use the DH parameter callback, be
> aware that the callback isn't invoked in a useful manner by OpenSSL. (It
> always asks for a 1024-bit group, unless an export cipher suite was selected,
>
For TLSv1.3, servers are no longer allowed to specify arbitrary DH groups (for
finite-field or EC DH). They must use one of the named groups. So for 1.3,
there's no point in generating your own groups; conforming implementations
can't use them.
For finite-field DH, those are the groups specifie
Hi Jakob and Paul,
Thank you so much for the reply. We have the RSA certificates. I wanted to
understand how generally DH parameters are generated. Thanks for the
detailed answers.
Regards
Jayalakshmi
On Wed, Dec 6, 2017 at 12:48 AM, Jakob Bohm wrote:
> On 06/12/2017 07:02, Jayalakshmi bhat wr
On 06/12/2017 07:02, Jayalakshmi bhat wrote:
Hi,
We are planning to use DHE_RSA TLS ciphers into our product. I have
few questions on using DH parameter. We would like to use DH-2048.
our product includes both TLS client and server applications. Thus any
time there will be considerable numbe
