Is it possible to establish an SSL connection with no compression? How?
While I'm at it, is it possible to use no encryption?
I.e. I only want SSL to authenticate/verify identity (handshake).
Cheers,
Corin.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openss...@openssl.org
Automated List Manager majo...@openssl.org
> Hi All,
>
> Is it possible to establish an SSL connection with no compression? How?
OpenSSL 1.0.0 provides a new option that can be set via
SSL_CTX_set_options() or SSL_set_options().
SSL_OP_NO_COMPRESSION
> While I'm at it, is it possible to use no encryption?
See ciphers(1). The "eNULL" ciphers offer no encryption, while
the "aNULL" ciphers offer no authentication. Usually you want
both, you are unlikely to want neither. Thus if you want eNULL,
make sure to exclude aNULL.
For encryption with no authentication:
aNULL:!EXP:!LOW:!eNULL:@STRENGTH
For authentication with no encryption:
eNULL:!EXP:!LOW:!aNULL:@STRENGTH
--
Viktor.