-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

Mark Sullivan wrote:

How can I use the none cipher with SSL?

"ciphers = NULL" should do it, although personally I haven't tried it. Make sure to configure it on *both* server and client. Otherwise the peer will refuse to accept the NULL cipher.

which ciphers allow for the best throughput?

Raw throughput of the symmetric cipher is rarely the bottleneck for SSL (except for network links faster than 1gbps or very slow CPUs). More often it's either network stack/hardware or asymmetric encryption.

To identify the fastest ciphers on your particular platform use: openssl speed

I think CAMELLIA128 provides a nice balance between security and performance: http://en.wikipedia.org/wiki/Camellia_(cipher)

RC4 is much faster, but not nearly as secure. Unfortunately OpenSSL does not support any modern stream ciphers...

Mike