[openssl-dev] [openssl.org #3744] Enhancement Request
Shawn Fernandes via RT
rt at openssl.org
Wed Mar 11 12:28:53 UTC 2015
Hi,
At the moment, we have SSL handshake making use of a single certificate, using a single key-pair present in the certificate.
In the event the MITM has the same certificate(SSL - offloader) then the data can be encrypted/decrypted.
Would like to know if we can have the enhancement of using random key pair, generated form each certificate, so that each SSL handshake would make use of a random key-pair, and thereby give a different key value to each encryption -decryption, and therby be able to determine if the MITM with a same certificate has decrypted & encrypted data.
With Regards,
Shawn
More information about the openssl-dev
mailing list