[openssl-users] Diffie-Hellman Questions
rsalz at akamai.com
Wed May 25 22:39:33 UTC 2016
> NO, Rich is making a mistake, ADH is ephemeral of necessity, since without
> long-term keys in certificates it is impossible to use long-term keys whose
> disclosure might later compromise confidentiality.
Except that your code can always use the same keypair if it screws up the callback. And that's what I meant.
But Viktor's advice is spot-on.
More information about the openssl-users