Re: Questions about using Elliptic Curve ciphers in OpenSSL

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Jason Schultz <jetson23@xxxxxxxxxxx>, "openssl-users@xxxxxxxxxxx" <openssl-users@xxxxxxxxxxx>
Subject: Re: Questions about using Elliptic Curve ciphers in OpenSSL
From: "Salz, Rich via openssl-users" <openssl-users@xxxxxxxxxxx>
Date: Tue, 11 Feb 2020 16:37:27 +0000
Accept-language: en-US
In-reply-to: <CH2PR10MB4214DEC8915726485F33AD13C7180@CH2PR10MB4214.namprd10.prod.outlook.com>
References: <CH2PR10MB4214B7DE7E6C2B67A05BE0F2C71C0@CH2PR10MB4214.namprd10.prod.outlook.com> <CH2PR10MB4214DEC8915726485F33AD13C7180@CH2PR10MB4214.namprd10.prod.outlook.com>
Reply-to: "Salz, Rich" <rsalz@xxxxxxxxxx>
User-agent: Microsoft-MacOutlook/10.22.0.200209

The first thing I would suggest is to separate ECDH, the session key exchange, from ECDSA, the signature. Try to make ECDH with RSA work. Then just load your ECDSA cert; you can load one cert of each type (RSA DSA) and the runtime will figure out what to do, depending on what the client offers.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Follow-Ups:
- Re: Questions about using Elliptic Curve ciphers in OpenSSL
  - From: Jason Schultz

References:
- Questions about using Elliptic Curve ciphers in OpenSSL
  - From: Jason Schultz
- Re: Questions about using Elliptic Curve ciphers in OpenSSL
  - From: Jason Schultz

Prev by Date: RE: Issues with ASYNC_pause_job() wake up
Next by Date: Re: Questions about using Elliptic Curve ciphers in OpenSSL
Previous by thread: Re: Questions about using Elliptic Curve ciphers in OpenSSL
Next by thread: Re: Questions about using Elliptic Curve ciphers in OpenSSL
Index(es):
- Date
- Thread

[Index of Archives] [Linux ARM Kernel] [Linux ARM] [Linux Omap] [Fedora ARM] [IETF Annouce] [Security] [Bugtraq] [Linux] [Linux OMAP] [Linux MIPS] [ECOS] [Asterisk Internet PBX] [Linux API]

Powered by Linux