Magnus Stenman wrote: > > Found this in the "What's new file" for Netscape 4.6: > > New 56-bit DES ciphers added to both export and US versions > (requires new SSL cipher suite server-side) > > What is this, and does mod_ssl (or is is OpenSSL) support it? I added them to OpenSSL when they were announced but they are disabled by default (because they are just an I-D) - you can switch them on by editting .../openssl/ssl/tls1.h and turning on: #define TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 1 I believe Netscape have tested interop (at least, my test server has hits from within Netscape, even though they haven't told me about it [I forgive them, that would probably be illegal]). Servers need to be modified to support them, because they should generate ephemeral 1024 bit keys when required. Let me know if anything interesting happens when you try to use them! Cheers, Ben. -- http://www.apache-ssl.org/ben.html "My grandfather once told me that there are two kinds of people: those who work and those who take the credit. He told me to try to be in the first group; there was less competition there." - Indira Gandhi ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
