Hi,
Please check if you are using the RC4/RC2 cipher suite. In that case,
"Note that for RC4 and RC2 ciphers, the phrase "40-bit encryption" means the
keys are still 128 bits long,
but only 40 bits have cryptographic significance. "
Regards,
Srikanth
Stuart Parker <[EMAIL PROTECTED]> on 25/04/2002 13:43:09
Please respond to [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
cc: (bcc: Srikanth S Chakravarthy/India/KINDLE)
Subject: Key strength confusion
Hi there,
I have a site which is reporting the https connection as 40-bit
with some browsers and 128-bit with other browsers. I am aware that
Microsoft uses a proprietary mechanism to step up a connection to 128
from 40 bit if the browser can handle it, but Netscape also indicates it
is 128. We paid for a 40-bit certificate, so we are unsure as to why it
would report as 128 bit in any circumstance.
Thanks
Stuart
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.
This footnote also confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses.
www.Kindlesystems.com
**********************************************************************
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
