On 5/15/08, PoWah Wong <
wong_powah@...> wrote:
> Use TLS_RSA_WITH_AES_256_CBC_SHA (AES256-SHA) to replace SSL_RSA_WITH_RC4_128_MD5 (RC4-MD5)
> and TLS_DH_anon_WITH_AES_256_CBC_SHA (ADH-AES256-SHA) to replace
> SSL_DH_anon_WITH_RC4_128_MD5 (ADH-RC4-MD5), right?
I'm not clear on what your goal is, but if you are writing both the
client and server applications that communicate only with each other
then you would be fine supporting only specific cipher suites such as
AES, but if you are writing only one end of it (client or server),
then be aware that AES is not compatible with RC4, so your application
would need to support at least one of the cipher suites which the
other end requires.
In the later case, if your application supports both AES and RC4, and
if the other end supports AES the SSL handshake negotiation will
select the better cipher AES, and if the other end only supports RC4
then it will be selected instead.
-Chris
______________________________________________________________________
OpenSSL Project
http://www.openssl.orgUser Support Mailing List
openssl-users@...
Automated List Manager
majordomo@...
