When do I need to install dh parameters?

help-gnutls

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

When do I need to install dh parameters?

From:	Sam Varshavchik
Subject:	When do I need to install dh parameters?
Date:	Sat, 02 Oct 2010 18:14:57 -0400

Conceptually, I'm trying to understand when I need to install DH parametersif I'm using RSA certificates, using gnutls_certificate_set_dh_params(). Iunderstand that DH parameters are required when using DH server certs, butI've got a bunch of test code (an internal testsuite) that uses RSA certs,with gnutls on both the client and server side, setting up TLS sessions invarious ways -- installing a certificate up front, on the server side, orusing a callback to return a certificate for particular TLS sessionm, etc.

I find that sometimes I can get through a handshake without loading DHparameters, other times handshake fails unless I install them. As far as Ican see that's the only major difference between my code that works withoutDH parameters, and the one that fails to handshake unless DH parameters areinstalled. Am I on the right track, or are there also other situations?

pgpcEe8pM7pS5.pgp
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

When do I need to install dh parameters?, Sam Varshavchik <=
- Re: When do I need to install dh parameters?, Nikos Mavrogiannopoulos, 2010/10/03
  - Re: When do I need to install dh parameters?, Sam Varshavchik, 2010/10/03
    - Re: When do I need to install dh parameters?, Nikos Mavrogiannopoulos, 2010/10/07

Next by Date: memory leaks
Next by thread: Re: When do I need to install dh parameters?
Index(es):
- Date
- Thread