[openssl-users] Diffie-Hellman Questions

Salz, Rich rsalz at akamai.com
Wed May 25 22:39:33 UTC 2016

> NO, Rich is making a mistake, ADH is ephemeral of necessity, since without
> long-term keys in certificates it is impossible to use long-term keys whose
> disclosure might later compromise confidentiality.

Except that your code can always use the same keypair if it screws up the callback.  And that's what I meant.

But Viktor's advice is spot-on.

More information about the openssl-users mailing list