> VeriSign claims its 128-bit $889 Secure Site Pro Certificate is
> the strongest encryption available. Is this true?
That's using 128bit RC4 for the bulk encryption of SSL/TLS traffic between
server and client.
> If so how is it possible to create a 1024 bit or greater RSA private key
> with OpenSSL?
It's a different crypto/cipher algorithm. In most SSL use, RSA is used
to exchange a bulk encryption key. So you need both. You should ask
Verisign how big a key they're willing to sign; will the 2Kbit RSA key
in their CA sign a cert for a 4Kbit key? :)
> Also what's the maximum bit value that OpenSSL supports?
Depends on the cipher. At least as much as the standards specify. :)
OpenSSL has supported 128bit RC4 from day one.
/r$
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
