[openssl-dev] s_client version 1.1 fails to handshake to s_server when -nocert option

Michel michel.sales at free.fr
Mon Jan 25 21:26:49 UTC 2016


I just found the man about setting the security level which is very helpful.
May I suggest that a link be added to the 'see also' paragraph of the
ciphers documentation?

From https://www.openssl.org/docs/manmaster/apps/ciphers.html
To https://www.openssl.org/docs/manmaster/ssl/SSL_set_security_level.html

> this is a good time to discuss whether @SECLEVEL should have any bearing
> on aNULL support.

Unfortunately, I have no valuable opinion, but I would be pleased to read
about arguments that will be discussed on this list.

Thanks again,

Michel.

-----Original Message-----
From: openssl-dev [mailto:openssl-dev-bounces at openssl.org] On Behalf Of
Viktor Dukhovni
Sent: Monday, January 25, 2016 18:48
To: openssl-dev at openssl.org
Subject: Re: [openssl-dev] s_client version 1.1 fails to handshake to
s_server when -nocert option


> On Jan 25, 2016, at 11:36 AM, Michel <michel.sales at free.fr> wrote:
> 
> Thank you very much for your answer Viktor !
> It works, using :
> openssl s_server -nocert -cipher "ALL:@STRENGTH:@SECLEVEL=0"
> openssl s_client -cipher "ALL:@STRENGTH:@SECLEVEL=0"
> I was able to handshake a "AECDH-AES256-SHA" cipher.
> :-)
> I will try to investigate deeper around the SECLEVEL=... keyword that I
> completely missed.

It is a very new feature and easy to miss amidst all other new
features.  I am currently working on fixing some corner cases in this
very code, so this is a good time to discuss whether @SECLEVEL should
have any bearing on aNULL support.  My instinct is that it should not,
and I'm going to submit code that allows one to set a floor on the
various crypto primitives allowed even for aNULL connections (which
may be authenticated by other means).

-- 
	Viktor.
