On Fri, Jan 11, 2008, Victor Duchovni wrote:
> On Fri, Jan 11, 2008 at 07:28:00PM +0100, Dr. Stephen Henson wrote:
>
> > On Fri, Jan 11, 2008, Rodney Thayer wrote:
> >
> > >
> > > I wonder if apache-ssl supports ECC...
> > >
> >
> > Apache currently has algorithm specific code for keys and cert
On Fri, Jan 11, 2008 at 07:28:00PM +0100, Dr. Stephen Henson wrote:
> On Fri, Jan 11, 2008, Rodney Thayer wrote:
>
> >
> > I wonder if apache-ssl supports ECC...
> >
>
> Apache currently has algorithm specific code for keys and certificates with
> only RSA and DSA included as standard. That mean
On Fri, Jan 11, 2008, Rodney Thayer wrote:
>
> I wonder if apache-ssl supports ECC...
>
Apache currently has algorithm specific code for keys and certificates with
only RSA and DSA included as standard. That means each new public key
algorithm needs to be added as a special case.
Steve.
--
Dr S
On Fri, Jan 11, 2008 at 08:41:23AM -0800, Rodney Thayer wrote:
> That's great. I wonder what they tested it with. Probably
> the OpenSSL s_server tool ;-)
>
> I wonder if apache-ssl supports ECC...
If it uses OpenSSL, and is linked against 0.9.9 (i.e. not yet), then
ECDSA support requires no n
[EMAIL PROTECTED] wrote:
Hello,
Does 'openssl s_server' support this? Are there public ECC TLS
implementations this is known to interoperate with?
You may look at Firefox source (NSS library).
In Firefox (2.0) you may view/control ssl ciphersuites entering
"about:config" url and next "ssl" as a
Victor Duchovni wrote:
On Thu, Jan 10, 2008 at 10:25:00PM -0500, Victor Duchovni wrote:
Does 'openssl s_server' support this? Are there public ECC TLS
implementations this is known to interoperate with?
OpenSSL s_server is a test tool, not an application. In 0.9.9 snapshot
builds, s_server sup
Victor Duchovni wrote:
OpenSSL s_server is a test tool, not an application.
openssl the program, as built in the 'apps' directory of the openssl
source tree, is a test tool APPLICATION that has been used for almost
a decade to debug and interop test other (mostly commercial) TLS
implementatio
Hello,
> Does 'openssl s_server' support this? Are there public ECC TLS
> implementations this is known to interoperate with?
You may look at Firefox source (NSS library).
In Firefox (2.0) you may view/control ssl ciphersuites entering
"about:config" url and next "ssl" as a filter word.
Next you m
On Thu, Jan 10, 2008 at 11:54:44PM -0500, Victor Duchovni wrote:
> On Thu, Jan 10, 2008 at 10:25:00PM -0500, Victor Duchovni wrote:
>
> > > Does 'openssl s_server' support this? Are there public ECC TLS
> > > implementations this is known to interoperate with?
> >
> > OpenSSL s_server is a test
And if you be a Python user, M2Crypto exposes ECC and the rest of
OpenSSL to your program.
On Jan 10, 2008, at 8:54 PM, Victor Duchovni wrote:
On Thu, Jan 10, 2008 at 10:25:00PM -0500, Victor Duchovni wrote:
Does 'openssl s_server' support this? Are there public ECC TLS
implementations thi
On Thu, Jan 10, 2008 at 10:25:00PM -0500, Victor Duchovni wrote:
> > Does 'openssl s_server' support this? Are there public ECC TLS
> > implementations this is known to interoperate with?
>
> OpenSSL s_server is a test tool, not an application. In 0.9.9 snapshot
> builds, s_server support ECDSA,
On Thu, Jan 10, 2008 at 05:37:47PM -0800, Rodney Thayer wrote:
> >To enable ECDSA certs, just configure an additional cert/key pair in
> >the server. You can configure up to 3 certficates, one RSA cert, one
> >DSA cert and one ECDSA cert. The code for adding more certs is the
> >same for RSA and D
Victor Duchovni wrote:
To enable EECDH on a TLSv1 server:
SSL_CTX *server_ctx
int nid;
EC_KEY *ecdh;
const char *curve;
/*
* Elliptic-Curve Diffie-Hellman parameters are either "named curves"
* from RFC 4492 section 5.1.1, or explicitly described curves over
13 matches
Mail list logo
