Skip to main content
Information Security

Return to Answer

replaced http://security.stackexchange.com/ with https://security.stackexchange.com/
Source Link
Community Bot
Community Bot
  • 1

You are mixing up key exchange and authentication. Key exchange is done so that both parties agree on the same encryption keys. Authentication of the server is done to make sure that the client is talking to the correct server and not to some man in the middle. The RSA/ECC key in the certificate is used for authentication. In case of RSA key exchange the RSA key in the certificate is also used of the key exchange but with DHE and ECDHE key exchanges the certificate key is not used. This means you can combine ECDHE key exchange with both RSA and ECC certificates.

For the deeper details see How does SSL/TLS work?How does SSL/TLS work?

You are mixing up key exchange and authentication. Key exchange is done so that both parties agree on the same encryption keys. Authentication of the server is done to make sure that the client is talking to the correct server and not to some man in the middle. The RSA/ECC key in the certificate is used for authentication. In case of RSA key exchange the RSA key in the certificate is also used of the key exchange but with DHE and ECDHE key exchanges the certificate key is not used. This means you can combine ECDHE key exchange with both RSA and ECC certificates.

For the deeper details see How does SSL/TLS work?

You are mixing up key exchange and authentication. Key exchange is done so that both parties agree on the same encryption keys. Authentication of the server is done to make sure that the client is talking to the correct server and not to some man in the middle. The RSA/ECC key in the certificate is used for authentication. In case of RSA key exchange the RSA key in the certificate is also used of the key exchange but with DHE and ECDHE key exchanges the certificate key is not used. This means you can combine ECDHE key exchange with both RSA and ECC certificates.

For the deeper details see How does SSL/TLS work?

added 94 characters in body
Source Link
Steffen Ullrich
Steffen Ullrich
  • 213.3k
  • 30
  • 423
  • 495

You are mixing up key exchange and authentication. Key exchange is done so that both parties agree on the same encryption keys. Authentication of the server is done to make sure that the client is talking to the correct server and not to some man in the middle. The RSA/ECC key in the certificate is used for authentication. It canIn case of RSA key exchange the RSA key in the certificate is also be partused of the key exchange but it doeswith DHE and ECDHE key exchanges the certificate key is not need to beused. This means you can combine ECDHE key exchange with both RSA and ECC certificates.

For the deeper details see How does SSL/TLS work?

You are mixing up key exchange and authentication. Key exchange is done so that both parties agree on the same encryption keys. Authentication of the server is done to make sure that the client is talking to the correct server and not to some man in the middle. The RSA/ECC key in the certificate is used for authentication. It can also be part of the key exchange but it does not need to be. This means you can combine ECDHE key exchange with both RSA and ECC certificates.

For the deeper details see How does SSL/TLS work?

You are mixing up key exchange and authentication. Key exchange is done so that both parties agree on the same encryption keys. Authentication of the server is done to make sure that the client is talking to the correct server and not to some man in the middle. The RSA/ECC key in the certificate is used for authentication. In case of RSA key exchange the RSA key in the certificate is also used of the key exchange but with DHE and ECDHE key exchanges the certificate key is not used. This means you can combine ECDHE key exchange with both RSA and ECC certificates.

For the deeper details see How does SSL/TLS work?

Source Link
Steffen Ullrich
Steffen Ullrich
  • 213.3k
  • 30
  • 423
  • 495

You are mixing up key exchange and authentication. Key exchange is done so that both parties agree on the same encryption keys. Authentication of the server is done to make sure that the client is talking to the correct server and not to some man in the middle. The RSA/ECC key in the certificate is used for authentication. It can also be part of the key exchange but it does not need to be. This means you can combine ECDHE key exchange with both RSA and ECC certificates.

For the deeper details see How does SSL/TLS work?