[Ach] Issue with OpenSSL >0.9.8l <1.0.0

Aaron Zauner azet at azet.org
Sat Apr 26 20:40:23 CEST 2014



Torsten Gigler wrote:
> Am 26.04.2014 16:07, schrieb Aaron Zauner:
>> Again. DHE-RSA-AES128 missing.
> Yes, this woks as designed ;-)
> I'd suggest to exclude '0x00,0x33 - DHE-RSA-AES128-SHA' to protect
> aginst a possible incompatibility for JAVA6+7 & DH-Keys >1024bits
> So you do NOT get in trouble using keys with 2048bits :-)
I do not really understand what you mean? What's the difference here for
the Diffie-Hellman keyexchange? Only the Blockcipher is of different
strength. Could you elaborate on that a bit?



Aaron

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.cert.at/pipermail/ach/attachments/20140426/14cf209d/attachment.sig>


More information about the Ach mailing list