Hi,
I have been experimenting with trying to increase the encryption that my
browser negotiates to my web-server.
So far I've successfully generated, self-signed and deployed a
2048 (256-bit) length certificate. I understand that in order to achieve
the desired results I must also modify the browser (or the crypto
module/config thereof).
I have examined a few browsers in an attempt to
find one with an open enough format. I tested Opera, but it did not
negotiate at a stronger level...Unfortuately Opera Software doesn't
provide their source code.
I just found Konqueror, a Linux browser which provides it's source and
thought that it might be a good candidate to put together this test.
I have two questions:
First off, does anyone have any ideas on how to modify either openSSL or
the Konqueror browser source code (whichever is appropriate...I am
unsure) to allow for no restrictions on key length?
Second, provided the browser was properly modified, would that be enough,
or must a modification also be made on the server side (web-server, in
this case apache, or the crypto libraries) in order to be successful?
Anyone who can provide feedback, or even better yet, hands on assistance
would be greatly appreciated. I understand enough obout the concepts to
know this can work, just don't know enough of the details of the code and
logistics to execute it.
TIA,
Hymnody
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
