[reSIProcate] TLS/WSS support for DH, ECDH and PFS added
Karlsson
boost.regex at gmail.com
Mon Sep 21 03:30:10 CDT 2015
Hi Daniel, about the Diffie-Hellman (DH) parameters file, does it is only
one file for global ? For example, I have set more than one TLS transports
for multiple domains but just need only one DH file, right ? And the DH
file is a random content not relates to any domain ?
Thanks
On Thu, Sep 17, 2015 at 11:59 PM, Daniel Pocock <daniel at pocock.pro> wrote:
>
>
> I've just added support for Diffie Hellman (DH and ECDH) on TLS transports.
>
> This won't be backported to 1.9.x, it will be part of the 1.10.0 release.
>
> It is briefly explained in repro.config, see TlsDHParamsFilename
>
> If a client doesn't support DH or ECDH and if you have enabled cipher
> suites without DH or ECDH then a connection is still possible.
>
> If you change the list of cipher suites to only support DH or ECDH
> ciphers, then it will only accept connections with peers capable of
> using this.
> _______________________________________________
> resiprocate-devel mailing list
> resiprocate-devel at resiprocate.org
> https://list.resiprocate.org/mailman/listinfo/resiprocate-devel
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://list.resiprocate.org/pipermail/resiprocate-devel/attachments/20150921/4d2433fe/attachment.htm>
More information about the resiprocate-devel
mailing list