On 19/08/2018 14:36, Anton wrote:
> Hello
>
> Does anyone know some examples of applications using ADH ciphersuites for TLS connections in a production environment? I know it is vulnerable to MITM, but it still can be useful, for example if communicating devices do not store state data for authentication (unique certificate per instance), but protection from passive eavesdropping is desirable.
>
> Is it reasonable to expect having ADH support enabled in future releases of OpenSSL?
>
> Anton

The common secure use is to combine ADH with a mechanism that authenticates the session (handshake messages and/or a derived value) over the connection, thus removing the MiTM problem.

That mechanism is generally application level, but may or may not use various dedicated TLS features to get such a derived value, depending on the oldest TLS library originally supported by that application protocol (for example, if the application protocol was originally designed to cope with TLS libraries that provide only "form X" of the handshake data, then the application protocol would specify an element that authenticates the "form X" value and won't interoperate with code that uses a more modern "form Y" value even if the application code no longer supports TLS libraries not offering "form Y").

(As usual, X and Y are placeholders).

Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
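
The session authentication described in the reply above, as an added Python example that is not part of the original message and is not OpenSSL code: an anonymous DH exchange followed by an application-level authenticator computed over a value derived from the handshake. Assumptions: the toy DH group, the pre-shared key `psk` used as the application credential, and all function names are hypothetical; a real protocol would take the derived value from its TLS library.

```python
import hashlib
import hmac
import secrets

# Toy finite-field DH group, constructed for this example only (not a vetted group).
P = 2**255 - 19
G = 2

def dh_keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def binding(client_pub, server_pub, shared):
    """Stand-in for the 'derived value': a hash over both key shares and the secret."""
    h = hashlib.sha256(b"adh-binding-example")
    for value in (client_pub, server_pub, shared):
        h.update(value.to_bytes(32, "big"))
    return h.digest()

def server_tag(psk, bind):
    """Application-level authenticator the server sends over the connection."""
    return hmac.new(psk, b"server" + bind, hashlib.sha256).digest()

def client_accepts(psk, bind, tag):
    """Client recomputes the tag over its own view of the handshake."""
    return hmac.compare_digest(server_tag(psk, bind), tag)

def run_session(psk, interposed):
    """Return True if the client accepts the server's authenticator."""
    c_priv, c_pub = dh_keypair()
    s_priv, s_pub = dh_keypair()
    if interposed:
        # A middle party terminates both anonymous handshakes with its own share.
        _, m_pub = dh_keypair()
        pub_seen_by_client, pub_seen_by_server = m_pub, m_pub
    else:
        pub_seen_by_client, pub_seen_by_server = s_pub, c_pub
    c_bind = binding(c_pub, pub_seen_by_client, pow(pub_seen_by_client, c_priv, P))
    s_bind = binding(pub_seen_by_server, s_pub, pow(pub_seen_by_server, s_priv, P))
    # Without psk the middle party can only relay the server's tag unchanged,
    # and that tag covers the server's handshake view, not the client's.
    return client_accepts(psk, c_bind, server_tag(psk, s_bind))

if __name__ == "__main__":
    key = secrets.token_bytes(32)  # constructed sample credential
    print("direct:", run_session(key, False), "interposed:", run_session(key, True))
```

Only the server is authenticated here; a mutual version has the client send its own tag under a different role label.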