[openssl-dev] [openssl.org #3953] Bug: !RSA does not exclude aRSA
Viktor Dukhovni
openssl-users at dukhovni.org
Wed Jul 22 21:18:01 UTC 2015
On Wed, Jul 22, 2015 at 08:49:05PM +0000, Kurt Roeckx via RT wrote:
> On Wed, Jul 22, 2015 at 07:38:48PM +0000, Lynch, Paul[E] via RT wrote:
> > The ciphers documentation page (https://www.openssl.org/docs/apps/ciphers.html) says:
> >
> > "kRSA, aRSA, RSA
> > cipher suites using RSA key exchange, authentication or either respectively."
> >
> > That sounds like "RSA" should be a superset of kRSA and aRSA, but actually aRSA includes cipher suites not in "RSA", as can be seen from:
>
> I think the problem is that "RSA" does "and" instead of "or", and
> ends up being the same as "kRSA".
Yes, one way or another the "RSA" cipherstring is just "kRSA".
--
Viktor.
More information about the openssl-dev
mailing list