Greg,
Based on what I've discovered so far, and your feedback, it seems that the
best approach is to tweek the default keylegth of the RC4/SHA ciphersuite.
This cipher method comes standard under SSL v3/TLS1 at 56-bit and 128-bit
functionality.
It doesn't seem that it should take much more than a modification to the
default key-length of these particular cryptosuites. After which the
modified openSSL could then be used to drive the apache secureserver and
konqueror browser to complete the two ends of the communication.
I'm sure, that one of the devlopers of openSSL would know exactly where to
make the surgical modifications that would allow for this functionality.
Does this make sense, or am I overlooking something?
Regards,
Francis
BTW, what is AES?
> The signatures in the certificates are built with one of SHA1, MD5, or
> rarely MD2. These last two have only 128-bit outputs.
> > This I fully get. My question here is, how do I manually define the
> > keylength of a given ciphersuite?
> > > 4.) So, which symmetric cipher were you planning to add?
> >
> > After doing a little reseach into the symmetric ciphers, I basically have
> > three choices, DES(3), RC4, or Blowfish. If I had my pick it would be
> > Blowfish or RC4.
> >
> > Provided I could accomplish this modification I would like to then test it
> > with an opensource browser and see if it is possible to negotiate at the
> > higher keylength.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
