-----Original Message-----
From: Ian Brown <[EMAIL PROTECTED]>
Date: Friday, November 13, 1998 11:26 PM
>> Uhm, I see. But in that case, what happens if someone gets a
(non-escrowed)
>> DSA cert, and uses it for a secure web server only supporting the
>> SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA ciphersuite (ephemeral Diffie-Hellman
>> authenticated with DSS)? Strong, MIM-attack-resistant, and required by
TLS
>> for minimum compliance (and, HOPEFULLY, some day supported by popular
>> browsers...)
>
>Although it isn't clear if this will happen (or even if the govt. has
>realised the possibility), the CA could set keyUsage flags in the
>certificate to stop a DSA cert from authenticating a strong encryption key
>at all, or limit authenticated encryption key length to 40 bits, or not
>allow any further certification by that key. The wonders of X.509...
Yeah, but the server could ignore the flags ;-)
Enzo
