[Ach] OpenSSL Cipher Strings: kDHE/kECDHE

Peter Ulber pu at uni-konstanz.de
Tue Mar 10 12:18:55 CET 2015

Hi Aaron,

thanks a lot for your answer.

> It's confusing. So the basic story behind this is that OpenSSL has
> changed their naming of (and how they interpret) cipherstrings. Where
> kDHE/kECDHE are the "newer" nomenclature. Because we also need to
> support old OpenSSL versions we use the old nomenclature.
> If you want to play around with that:
> https://github.com/azet/openssl-compare

Nice tool, thanks. So e.g. kDHE is a notation which is supported by
OpenSSL 1.0.2 (and newer). Before that we have DHE. So in a nutshell:



> Aaron


Peter Ulber --- KIM Basisdienste an der Universität Konstanz
V404 (Tel: +49 7531 88 2622) - Mail/XMPP: pu at uni-konstanz.de
S/MIME Fingerprint: E1353193E1BD5ED2F34759168686ABAEFF1F7B9D
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 6192 bytes
Desc: not available
URL: <http://lists.cert.at/pipermail/ach/attachments/20150310/c8edf665/attachment.bin>

More information about the Ach mailing list