RE: I'm still so very confused about certificates

Sun, 27 Aug 2000 23:32:06 -0700 

Hi,
  We have two keys: RSA key for certificate and key for data encryption.
When you read Verisign's pages you read about RSA key length (certificate).
It is possible to use any combinations of key lengths for RSA and symmetric
algorithm, e.g. 40 bit certificate and RC4-MD5 (128 bit) data encryption.

Regards
Yuriy Stul, Tashilon Ltd., Core Technology Division Manager
<mailto:[EMAIL PROTECTED]> <http://www.tashilon.com>

> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Wirta, Ville
> Sent: Monday, August 28, 2000 8:15 AM
> To: '[EMAIL PROTECTED]'
> Subject: RE: I'm still so very confused about certificates
>
>
>
>
> -----Original Message-----
> From: Eric Murray [mailto:[EMAIL PROTECTED]]
> Sent: Friday, August 25, 2000 10:04 PM
> To: [EMAIL PROTECTED]
> Subject: Re: I'm still so very confused about certificates
>
> >The certificate has no effect on the type of symmetric
> encryption that SSL
> >negotiates.
>
>       Funny... I was just about to post a question concerning the same
> matter :-) I know how SSL works and that the certificate does'nt
> affect the
> symmetric encryption used after authentication but I'm still confused. I
> intend to get a signed certificate from Verisign but if I understand
> correctly (their web pages) they are actually selling certificates for 40
> bit and for 128 bit encryption... how can this be? The 40 bit
> certificate is
> said to use 40 bit encryption with export-version browsers and 128 with
> domestic ones. The 128 bit certificate is said to always form a
> 128 bit enc.
> How can it be possible that with the 128 bit certificate one wound'nt have
> the ability of using 40 bit session keys?
>
>       Thanks You for answering --> I'd be happy to hear that I have
> misunderstood something :-)
>
>       Yours     Ville
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    [EMAIL PROTECTED]
> Automated List Manager                           [EMAIL PROTECTED]
>

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to