On Mon, 24 Aug 2009, Emmanuel Dreyfus wrote:
Howard Chu hyc@symas.com wrote:
But certificates are not a required element for encryption of a connection - after all, TLS also supports anonymous Diffie-Hellman key exchange.
Sure, but encryption without authentication makes little sense, as you don't know who you are securely speaking to: you can get an encrypted link to a man in the middle.
Heh, I have this vision of libldap changing the default cipher suite based on the TLS_VERIFY setting, such that any setting that doesn't do complete validation of certs would have the library prefer to use an anonymous cipher suite instead.
"You're not actually protecting yourself against MitM attacks, so we're enabling the lower-latency anonymous suites."
(...at least my memory is that the ADH handshake is cheaper than the RSA handshake...)
Philip Guenther