Stuart Parker <[EMAIL PROTECTED]> writes:
> On Friday, April 26, 2002, at 11:39 PM, [EMAIL PROTECTED] wrote:
>
> > I'm not sure what you mean when you say that you paid for a 40bit
> > certificate. Do you mean an SGC cert?
>
> No. We purchased through a local Verisign distributor which sells Global
> (128-bit SSL) and Secure (40-bit SSL) certificates. This was a renewal
> of an expired certificate which is definitely 40-bit. Being in Australia
> it was not possible 2 years ago to get a 128 bit certificate for a web
> site, so we had to go for 40-bit certificates. I think in the US at the
> time they referred to the difference as 'domestic' vs 'international'.
> Domestic was 128-bit and international was 40-bit.
>
> The reason I am chasing this up is that on a deployed site, we are
> getting data encryption errors being reported to users since putting the
> renewed certificate in place. It happens quite infrequently, and may
> only affect a few browsers, but I needed to determine whether it is
> standard or acceptable behaviour for browsers and servers to upgrade a
> connection in this way and whether there are any gotchas for any
> platforms or browsers. Secondly, if 40 bit certificates can allow
> connections at 128 bit when the browser supports it, why buy a 128 bit
> certificate which is twice as expensive?

As far as I know, there is in fact no such thing as a 40-bit cert.
There are two kinds of certificates:

(1) Ordinary X.509 certs containing an RSA key of whatever strength
    you've chosen.
(2) Certs containing the SGC/Step-Up extensions.

There are three kinds of browsers in the world:

(1) Really old export browsers which will only do 40 bit crypto.
(2) Newer export browsers which will do SGC/Step-Up.
(3) Old domestic browsers or new (post export-control removal) export
    browsers which do strong crypto.

So, the interaction matrix between certificates and browsers looks
like this:

                                Cert
Browser                 Ordinary        SGC/Step-Up
----------------------------------------------------------------
Old Export              40-bit crypto   40-bit crypto
Newer Export            40-bit crypto   SGC/Step-Up to strong
New Export/Domestic     Strong crypto   Strong crypto

There is no way to tag an X.509 certificate in such a way that it is
40-bit only.

-Ekr

--
[Eric Rescorla                                   [EMAIL PROTECTED]]
Author of "SSL and TLS: Designing and Building Secure Systems"
http://www.rtfm.com/
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
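An added illustration of the two certificate kinds in Eric's reply (this is example code written for this page, not anything posted in the thread): the script below uses the openssl command line to mint two self-signed certificates, one ordinary and one carrying the SGC/Step-Up extended-key-usage OIDs, and then classifies each one. The OIDs are the real Microsoft (1.3.6.1.4.1.311.10.3.3) and Netscape (2.16.840.1.113730.4.1) Server Gated Crypto identifiers; the subject names are made up, and the script assumes an OpenSSL with `req -addext` (1.1.1 or later). The point it makes concrete is the last line of the reply: the only "strength" a certificate itself carries is the size of its public key, and nothing in it can mark it as 40-bit only. Step-Up is a browser-side behaviour triggered by the extension, not a limit imposed by the cert.

```shell
#!/bin/sh
# Added example, not from the original thread: build an ordinary cert and an
# SGC/Step-Up cert with OpenSSL, then inspect what actually distinguishes them.
set -eu

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# Real Server Gated Crypto extended-key-usage OIDs (Microsoft and Netscape).
MS_SGC=1.3.6.1.4.1.311.10.3.3
NS_SGC=2.16.840.1.113730.4.1

# make_cert <out.pem> [extendedKeyUsage value]
# Self-signed RSA-2048 cert; subject names are hypothetical.
make_cert() {
    out=$1; ext=${2:-}
    if [ -n "$ext" ]; then
        openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
            -subj "/CN=step-up.example" -keyout "$WORK/key.pem" -out "$out" \
            -addext "extendedKeyUsage = $ext" >/dev/null 2>&1
    else
        openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
            -subj "/CN=ordinary.example" -keyout "$WORK/key.pem" -out "$out" \
            >/dev/null 2>&1
    fi
}

# cert_key_bits <cert.pem>
# Prints the RSA modulus size: the one cert-side strength parameter there is.
cert_key_bits() {
    openssl x509 -in "$1" -noout -text |
        sed -n 's/.*Public-Key: (\([0-9]*\) bit).*/\1/p' | head -n 1
}

# cert_kind <cert.pem>
# Prints "sgc" if either Step-Up OID is present in the cert, else "ordinary".
# Matches the pretty-printed name or the raw OID, in case the local OpenSSL
# build does not know the names.
cert_kind() {
    if openssl x509 -in "$1" -noout -text |
        grep -qF -e 'Server Gated Crypto' -e "$MS_SGC" -e "$NS_SGC"; then
        echo sgc
    else
        echo ordinary
    fi
}

make_cert "$WORK/ordinary.pem"
make_cert "$WORK/stepup.pem" "$MS_SGC, $NS_SGC"

# Both certs carry the same key size; only the extension differs.
for c in ordinary stepup; do
    printf '%s: %s, %s-bit key\n' "$c" "$(cert_kind "$WORK/$c.pem")" \
        "$(cert_key_bits "$WORK/$c.pem")"
done
```

Run it on a real server certificate by pointing `cert_kind` and `cert_key_bits` at the PEM file you were sold: if neither Step-Up OID shows up, the certificate is "ordinary" in the sense of the matrix above, and what your clients negotiate is decided by the browser category and the server's cipher configuration, not by anything the CA put in the certificate.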