Re: explicitly including other ciphers for use with https

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



consider it an appliance, there are no user on this IB-fabric/network just machines with no users/logins that communicate with each other.

I am looking for speed at this point, safety is not a concern, I can solve that otherwise later.

Besides, I am trying to have a discussion about if something is secure or not, I am trying to figure out how to use/compile mod_ssl/apache where I'll be able to use the eNULL cipher.


Ron


On 12/07/2015 06:40 PM, Jacob Champion wrote:
On 12/07/2015 05:06 PM, William A Rowe Jr wrote:
On Mon, Dec 7, 2015 at 2:39 PM, Ron Croonenberg <ronc@xxxxxxxx
<mailto:ronc@xxxxxxxx>> wrote:

    Hello,

    I a building a storage system, using HTTP/HTTPS for ingesting data.

    I would like to use the authentication over HTTPS, while after that
    I want no encryption on the data because of peformance.


Then you probably don't understand the performance impact of TLS.

To help Ron out a little... he's coming from this conversation [1] on
the openssl-users mailing list, where he's described his rather unusual
network topology already.

I'm still unsure as to whether or not his proposed solution is secure...
but I am convinced that his use case is atypical.

Otherwise,
any man-in-the-middle can observe the data in transit and alter
the data passed between your client and backend storage server

Wait, why does the use of NULL encryption have any effect on the
authenticity/integrity characteristics of the cipher? I asserted
otherwise on openssl-users and was not corrected...

--Jacob

[1] https://marc.info/?t=144900982700003&r=1&w=2

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx




[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux