On 2009-08-19 11:30 PDT, Justin wells wrote: > Hi all, > > When I visit an HTTPS link I can see what strength of encryption is > used to encrypt the content (e.g., 256 bit AES) and if I dig a little > I can even see the strength of the certificate used for authentication > (e.g., 1024 bit RSA). What I can't seem to find anywhere is any > information about the strength or nature of the cryptography used for > key agreement.
> Almost certainly the key agreement protocol is less secure than the > 256 bit AES the browser tells me my bank supports. You're speculating. The question is not: what does NSS do, or what does Firefox do, but rather, what does the TLS specification specify? I suggest you get a copy of RFC 2246 and study it. ftp://ftp.rfc-editor.org/in-notes/rfc2246.txt -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto