Rich Salz <[EMAIL PROTECTED]> writes:
> > The certificate has no effect on the type of symmetric encryption that SSL
> > negotiates.
>
> Except that if you have to support older "export-strength crypto"
> browsers, then you can only have a 512bit key.
Only REALLY REALLY old browsers that only support SSLv2.
SSLv3 has a an ephemeral RSA scheme that lets you authenticate a
512-bit key with your 1024 bit signing key.
-Ekr
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
