Re: I'm still so very confused about certificates

[Eric Rescorla]

"[EMAIL PROTECTED]"<[EMAIL PROTECTED]> writes:

> there has been a generation of browsers supporting SSLv3 AND USA export 
> restrictions as well: they where able to generate RSA keys limited to 
> 512 bit length and simmetric key up to 40 bits (upgraded to 56 
> recently). Using such a netscape for example you were able to import a 
> PKCS12 file containing an externally generated RSA 1024 bit (or grater) 
> key pair and use it to establish an SSLv3 session but it only creates 40 
> or 56 session keys for encryption.
The size of the RSA keys in the browser is irrelevant because that
key isn't used for confidentiality.

-Ekr
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]