[TLS] Key exchange with DH_RSA
Hi all,
The TLS specification says (RFC4346 - Section 7.4.3. "Server Key
Exchange Message")
"It is not legal to send the server key exchange message for the
following key exchange methods:
RSA
DH_DSS
DH_RSA"
But in case of *DH_RSA*, how can the DH exchange be completed if the
client does not receive any DH value from the server in the "Server Key
Exchange Message", nor does the certificate in the "Server Certificate"
message include any helpful information to complete the DH exchange
(since the public key of the certificate is an RSA public key)?
In other words: how can a *non-ephemeral* DH be achieved, if the
server's certificate key type is RSA?
Thanks in advance!
Ali
--
Ali Fessi
Computer Networks and Internet
Wilhelm Schickard Institute for Computer Science
University of Tuebingen, Germany
Phone: +49 7071 29-70576 / Fax: +49 7071 29-5220
EMail: ali.fessi@xxxxxxxxxxxxxxxx
Web: http://net.informatik.uni-tuebingen.de/~fessi/
_______________________________________________
TLS mailing list
TLS@xxxxxxxxxxxxxx
https://www1.ietf.org/mailman/listinfo/tls