[Ach] OpenSSL Cipher Strings: kDHE/kECDHE
Peter Ulber
pu at uni-konstanz.de
Tue Mar 10 12:18:55 CET 2015
Hi Aaron,
thanks a lot for your answer.
> It's confusing. So the basic story behind this is that OpenSSL has
> changed their naming of (and how they interpret) cipherstrings. Where
> kDHE/kECDHE are the "newer" nomenclature. Because we also need to
> support old OpenSSL versions we use the old nomenclature.
> If you want to play around with that:
> https://github.com/azet/openssl-compare
Nice tool, thanks. So e.g. kDHE is a notation which is supported by
OpenSSL 1.0.2 (and newer). Before that we have DHE. So in a nutshell:
DHE = kDHE:!aNULL
Right?
> Aaron
Regards,
Peter
--
Peter Ulber --- KIM Basisdienste an der Universität Konstanz
V404 (Tel: +49 7531 88 2622) - Mail/XMPP: pu at uni-konstanz.de
https://www.rz.uni-konstanz.de/rechenzentrum/team/peterulber
S/MIME Fingerprint: E1353193E1BD5ED2F34759168686ABAEFF1F7B9D
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 6192 bytes
Desc: not available
URL: <http://lists.cert.at/pipermail/ach/attachments/20150310/c8edf665/attachment.bin>
More information about the Ach
mailing list