Re: Setting the bit to 128

Fri, 16 Feb 2001 12:08:38 -0800 

When a cert is created by openssl (using the CA.pl script):
CA.pl -newca
CA.pl -newreq
CA.pl -sign
I deploy it to Apache.  Within my testbed when accessing
the SSL pages when I move the mouse over the lock it shows
the strength of the SSL Secured (40-bit).

Does this has to do w/ the browser? or do I have to have
specific software that creates keys of 128-bit encryption?
If the browser is 128-bit will it set the SSL page to 128?

- Wally Winzer Jr.

Greg Stark wrote:

> No. Your question doesn't make any sense, so folks are just trying to guess
> what you *might* mean.
>
> _____________________________________
> Greg Stark
> Ethentica, Inc.
> [EMAIL PROTECTED]
> _____________________________________
>
> ----- Original Message -----
> From: "Auteria Wally Winzer Jr." <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Friday, February 16, 2001 3:00 PM
> Subject: Re: Setting the bit to 128
>
> > So, in a nutshell openssl doesn't have the ability to create 128-bit
> > self-signed CA's?
> >
> > - WW Jr.
> >
> > Dr S N Henson wrote:
> >
> > > "Auteria Wally Winzer Jr." wrote:
> > > >
> > > > The goal:
> > > >
> > > > To generate a 128-bit self-signed CA.
> > > >
> > >
> > > That has little to do with the CA certificate and more to do with the
> > > software being used. If clients can only make 40 bit SSL connections
> > > then the clients probably only support 40 bit SSL (the old export
> > > crippled software) and needs upgrading to 128 bits.
> > >
> > > Well actually that's not the whole story. Some certificates signed by a
> > > special CA can enable 40 bit clients to use 128 bit connections but you
> > > can't readily create those yourself because they wont be signed by the
> > > (hard coded) special CA.
> > >
> > > Steve.
> > > --
> > > Dr Stephen N. Henson.   http://www.drh-consultancy.demon.co.uk/
> > > Personal Email: [EMAIL PROTECTED]
> > > Senior crypto engineer, Celo Communications: http://www.celocom.com/
> > > Core developer of the   OpenSSL project: http://www.openssl.org/
> > > Business Email: [EMAIL PROTECTED] PGP key: via homepage.
> > > ______________________________________________________________________
> > > OpenSSL Project                                 http://www.openssl.org
> > > User Support Mailing List                    [EMAIL PROTECTED]
> > > Automated List Manager                           [EMAIL PROTECTED]
> >
>
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    [EMAIL PROTECTED]
> Automated List Manager                           [EMAIL PROTECTED]

S/MIME Cryptographic Signature

Reply via email to