berle oliver wrote: > Is there a way to turn off data encryption on an SSL > connection? In my case client authentication is much > more important and the data encryption step simply > adds too much overhead. Thanks,
Yes, There are some SSL "cipher suites' that do only authentication + message integrity checking, no encryption. Those cipher suites are disabled by default in all browser products I know of, and probably in most server products, too. So, to use them, you'll need to enable them in your users' browser(s) and in your server(s). These cipher suites have the word "NULL" in their names. Find the UI by which you change your browser's and server's cipher suites and enable the ones with the word NULL in the name. In FireFox, it may be necessary to use the about:config page to enable those cipher suites, because there may be no other UI with which to do so. /Nelson _______________________________________________ dev-tech-crypto mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-crypto
