Hi, I am experimenting with the minumum RSA key lenght allowed by TLS 1.0. What I gather from reading the specification is that it is left to applications to enforce minimum/maximum lenghts - please correct me if this is not the case.
Assuming that TLS 1.0 spec does not place any restriction on the RSA key size in a server certificate, does OpenSSL have any such restriction. e.g. will it allow creation of a server certificate with only 128 bit RSA key? I know it is very insecure, but I want to ignore that part for now. Also what about the browsers? will IE or Netscape accept such a certificate during TLS handshake? thanks, --- asad ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
