On Friday, April 26, 2002, at 11:39 PM, [EMAIL PROTECTED] wrote:
> > I'm not sure what you mean when you say that you paid for a 40bit > certificate. Do you mean an SGC cert? > No. We purchased through a local Verisign distributor which sells Global (128-bit SSL) and Secure (40-bit SSL) certificates. This was a renewal of an expired certificate which is definately 40-bit. Being in Australia it was not possible 2 years ago to get a 128 bit certificate for a web site, so we had to go for 40-bit certificates. I think in the US at the time they referred to the difference as 'domestic' vs 'international'. domestic was 128-bit and international was 40-bit. The reason I am chasing this up is that on a deployed site, we are getting data encryption errors being reported to users since putting the renewed certificate in place. It happens quite infrequently, and may only affect a few browsers, but I needed to determine whether it is standard or acceptable behaviour for browsers and servers to upgrade a connection in this way and whether there are any gotchas for any platforms or browsers. Secondly, if 40 bit certificates can allow connections at 128 bit when the browser supports it, why buy a 128 bit certificate which is twice as expensive? Thanks to Srikanth, David and John for the replies. Cheers Stuart ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]