W3C home > Mailing lists > Public > www-lib@w3.org > October to December 1999

RE: Use OpenSSL without RSA

From: Olga Antropova <olga@goliath.eai.com>
Date: Tue, 05 Oct 1999 11:29:59 -0500 (CDT)
Message-ID: <XFMail.991005112959.olga@eai.com>
To: yajun_liu@peoplesoft.com
Cc: www-lib@w3.org
Jajun,

I think you can find answers in OpenSSL mailing list archives. 
Though major browsers support only RSA for session key establishment.
So if you got to use browsers - you cannot do w/o RSA. 

Olga.
 
On 04-Oct-99 yajun_liu@peoplesoft.com wrote:
> I'm trying to use OpenSSL without RSA. I read SSL3 spec  and found the
> following Cipher Suites:
> 
> CipherSuite SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA        = { 0x00,0x0B };
> CipherSuite SSL_DH_DSS_WITH_DES_CBC_SHA                 = { 0x00,0x0C };
> CipherSuite SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA            = { 0x00,0x0D };
> CipherSuite SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA       = { 0x00,0x11 };
> CipherSuite SSL_DHE_DSS_WITH_DES_CBC_SHA                = { 0x00,0x12 };
> CipherSuite SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA           = { 0x00,0x13 };
> 
> I'm using OpenSSL as a SSL clinet.I have the following questions about
> using these CipherSuites:
> 
> 1) Are there any CAs like Verisign providing server certificates for the
> suites?
> 2) Do IIS and other major web servers support them?
> 3) Does OpenSSL support them?
> 4) If I use OpenSSL with these cipherSuites in/out US, do I need to pay
> anybody?
> 
> Thanks.
> 
> --Yajun
Received on Tuesday, 5 October 1999 12:31:24 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 23 April 2007 18:18:35 GMT