[openssl-users] explicitly including other ciphers.

Jakob Bohm jb-openssl at wisemo.com
Fri Dec 4 02:11:28 UTC 2015

Since the network is (as I understand it) physically secure
against wiretapping, how about using plain http with http auth?

Or are you trying to protect against TCP connection hijacks by
other computers/processes on the "secure" network?

On 04/12/2015 00:35, Ron Croonenberg wrote:
> The network is isolated from the outside worl,   BUT  we still need
> authentication because different users are using it.
> So what I preferably want is sort of a set up where,
> authentication is done the "standard way" and after that just use the
> https connection without the overhead of actually encrypting anything.
> (and the lesss modifications and recompiling the better)
> thanks,
> Ron
> On 12/03/2015 02:50 PM, Richard Moore wrote:
>> On 2 December 2015 at 17:53, Ron Croonenberg <ronc at lanl.gov
>> <mailto:ronc at lanl.gov>> wrote:
>>     So the idea is to use an object store on an isolated network and
>>     push and get objects out of it using https.
>> ​If network is fully isolated you could use plain text. Using 'https'
>> and null encryption is basically just pretending to do security.


Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded

More information about the openssl-users mailing list