RE: Key strength confusion

2002-04-29 Thread John . Airey
c Rescorla [mailto:[EMAIL PROTECTED]] Sent: 26 April 2002 16:17 To: [EMAIL PROTECTED] Subject: Re: Key strength confusion [snip] As far as I know, there is in fact no such thing as a 40-bit cert. There are two kinds of certificates: (1) Ordinary X.509 certs containing an RSA key of whatever strength

Re: Key strength confusion

2002-04-26 Thread Eric Rescorla
"Luo, Feng (Exchange)" <[EMAIL PROTECTED]> writes: > You are absolutely right, there is not so called 40-bit certificate. The key > strength is controlled by server and browser, forget about SGC , it's old. You can't forget about SGC, because there are still SGC-only export browsers out there. -E

RE: Key strength confusion

2002-04-26 Thread Luo, Feng (Exchange)
ECTED] Subject: Re: Key strength confusion Stuart Parker <[EMAIL PROTECTED]> writes: > On Friday, April 26, 2002, at 11:39 PM, [EMAIL PROTECTED] wrote: > > > > > I'm not sure what you mean when you say that you paid for a 40bit > > certificate. Do you mean an SGC c

Re: Key strength confusion

2002-04-26 Thread Eric Rescorla
Stuart Parker <[EMAIL PROTECTED]> writes: > On Friday, April 26, 2002, at 11:39 PM, [EMAIL PROTECTED] wrote: > > > > > I'm not sure what you mean when you say that you paid for a 40bit > > certificate. Do you mean an SGC cert? > > > > No. We purchased through a local Verisign distributor which

RE: Key strength confusion

2002-04-26 Thread John . Airey
I don't know much about the restrictions in Australia, but I do know that we've had a 128bit certificate since 1997. At that time we were running apache-ssl. So I confess that I've never touched a 40bit certificate. There are issues with versions of IE5 before 5.01SP2 (which itself is being dropp

Re: Key strength confusion

2002-04-26 Thread Stuart Parker
On Friday, April 26, 2002, at 11:39 PM, [EMAIL PROTECTED] wrote: > > I'm not sure what you mean when you say that you paid for a 40bit > certificate. Do you mean an SGC cert? > No. We purchased through a local Verisign distributor which sells Global (128-bit SSL) and Secure (40-bit SSL) certi

Re: Key strength confusion

2002-04-25 Thread Srikanth_Chakravarthy
t;[EMAIL PROTECTED]> on 25/04/2002 13:43:09 Please respond to [EMAIL PROTECTED] To: [EMAIL PROTECTED] cc:(bcc: Srikanth S Chakravarthy/India/KINDLE) Subject: Key strength confusion Hi there, I have a site which is reporting the https connection as 40-bit with some browsers and 1

Key strength confusion

2002-04-25 Thread Stuart Parker
Hi there, I have a site which is reporting the https connection as 40-bit with some browsers and 128-bit with other browsers. I am aware that Microsoft uses a proprietary mechanism to step up a connection to 128 from 40 bit if the browser can handle it, but Netscape also indicates it i