[openssl-users] Anonymous DH (ADH) in real world applications

Anton anton at picapica.im
Sun Aug 19 12:36:30 UTC 2018


Does anyone know some examples of applications using
ADH ciphersuites for TLS connections in production

I know it is vulnerable to MITM, but it still can
be useful, for example if communicating devices do
not store state data for authentication (unique
certificate per instance), but protection from
passive eavesdropping is desirable.

Is it reasonable to expect having ADH support enabled
in future releases of OpenSSL?


More information about the openssl-users mailing list