Stuart Parker <[EMAIL PROTECTED]> writes:

> On Friday, April 26, 2002, at 11:39  PM, [EMAIL PROTECTED] wrote:
> 
> >
> > I'm not sure what you mean when you say that you paid for a 40bit
> > certificate. Do you mean an SGC cert?
> >
> 
> No. We purchased through a local Verisign distributor which sells Global 
> (128-bit SSL) and Secure (40-bit SSL) certificates. This was a renewal 
> of an expired certificate which is definitely 40-bit. Being in Australia 
> it was not possible 2 years ago to get a 128 bit certificate for a web 
> site, so we had to go for 40-bit certificates. I think in the US at the 
> time they referred to the difference as 'domestic' vs 'international'. 
> domestic was 128-bit and international was 40-bit.
>
> The reason I am chasing this up is that on a deployed site, we are 
> getting data encryption errors being reported to users since putting the 
> renewed certificate in place. It happens quite infrequently, and may 
> only affect a few browsers, but I needed to determine whether it is 
> standard or acceptable behaviour for browsers and servers to upgrade a 
> connection in this way and whether there are any gotchas for any 
> platforms or browsers. Secondly, if 40 bit certificates can allow 
> connections at 128 bit when the browser supports it, why buy a 128 bit 
> certificate which is twice as expensive?

As far as I know, there is in fact no such thing as a 40-bit cert.

There are two kinds of certificates:

(1) Ordinary X.509 certs containing an RSA key of whatever strength
you've chosen.
(2) Certs containing the SGC/Step-Up extensions.

There are three kinds of browsers in the world:
(1) Really old export browsers which will only do 40 bit crypto.
(2) Newer export browsers which will do SGC/Step-Up.
(3) Old domestic browsers or new (post export-control removal)
export browsers which do strong crypto.

So, the interaction matrix between certificates and browsers looks like
this:

                                    Cert
Browser              Ordinary                     SGC/Step-Up
----------------------------------------------------------------
Old Export           40-bit crypto                40-bit crypto
Newer Export         40-bit crypto                SGC/Step-Up to strong
New Export/Domestic  Strong crypto                Strong crypto

There is no way to tag an X.509 certificate in such a way that
it is 40-bit only.

-Ekr

-- 
[Eric Rescorla                                   [EMAIL PROTECTED]]
Author of "SSL and TLS: Designing and Building Secure Systems"
                  http://www.rtfm.com/
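As an added illustration of the two certificate kinds Ekr distinguishes (this is example code written for this page, not anything from the thread or from OpenSSL): the only thing that marks a certificate as "SGC/Step-Up" is the presence of a Server Gated Crypto purpose in its extendedKeyUsage extension, identified by the Netscape SGC OID 2.16.840.1.113730.4.1 or the Microsoft SGC OID 1.3.6.1.4.1.311.10.3.3 (both are real, registered OIDs; OpenSSL prints them as nsSGC and msSGC). There is no field anywhere that says "40-bit", which is why an "ordinary" certificate cannot be tagged as export-only. The snippet hand-encodes a DER extendedKeyUsage value with the stdlib only, decodes it back, and classifies the certificate. The `encode_eku`/`decode_eku`/`classify_cert` names and the sample OID lists are constructed for this example; short-form DER lengths (under 128 bytes) are assumed, which holds for any realistic EKU.

```python
# Constructed example: classify a certificate as "ordinary" or "SGC/Step-Up"
# from its extendedKeyUsage OIDs, using hand-written minimal DER encoding.

NS_SGC = "2.16.840.1.113730.4.1"        # Netscape Server Gated Crypto (nsSGC)
MS_SGC = "1.3.6.1.4.1.311.10.3.3"       # Microsoft Server Gated Crypto (msSGC)
SERVER_AUTH = "1.3.6.1.5.5.7.3.1"       # id-kp-serverAuth, present in any TLS server cert
SGC_OIDS = {NS_SGC, MS_SGC}


def encode_oid(dotted: str) -> bytes:
    """DER-encode a dotted OID as an OBJECT IDENTIFIER TLV (short-form length)."""
    arcs = [int(p) for p in dotted.split(".")]
    # First two arcs are packed into one value: 40 * arc0 + arc1.
    packed = [40 * arcs[0] + arcs[1]] + arcs[2:]
    body = bytearray()
    for arc in packed:
        # Base-128, most-significant group first, continuation bit on all but last.
        groups = [arc & 0x7F]
        arc >>= 7
        while arc:
            groups.append(0x80 | (arc & 0x7F))
            arc >>= 7
        body.extend(reversed(groups))
    assert len(body) < 128, "short-form length assumed in this example"
    return bytes([0x06, len(body)]) + bytes(body)


def _decode_oid_body(body: bytes) -> str:
    """Inverse of encode_oid on the contents octets."""
    arcs, val = [], 0
    for b in body:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(val)
            val = 0
    first = arcs[0]
    if first < 40:
        lead = [0, first]
    elif first < 80:
        lead = [1, first - 40]
    else:
        lead = [2, first - 80]
    return ".".join(str(a) for a in lead + arcs[1:])


def encode_eku(oids) -> bytes:
    """extendedKeyUsage value: SEQUENCE OF OBJECT IDENTIFIER (RFC 5280 s4.2.1.12)."""
    inner = b"".join(encode_oid(o) for o in oids)
    assert len(inner) < 128, "short-form length assumed in this example"
    return bytes([0x30, len(inner)]) + inner


def decode_eku(der: bytes):
    """Parse the SEQUENCE OF OID back into a list of dotted strings."""
    if len(der) < 2 or der[0] != 0x30 or der[1] >= 128 or len(der) != 2 + der[1]:
        raise ValueError("not a short-form DER SEQUENCE")
    oids, i = [], 2
    while i < len(der):
        if der[i] != 0x06:
            raise ValueError("expected OBJECT IDENTIFIER tag")
        length = der[i + 1]
        oids.append(_decode_oid_body(der[i + 2:i + 2 + length]))
        i += 2 + length
    return oids


def classify_cert(eku_der: bytes) -> str:
    """Ekr's two kinds of certificate, decided purely by the EKU purposes present.
    Note what is NOT inspected: key size, cipher names, any 'bit strength' tag.
    Those do not exist in the certificate; cipher strength is negotiated in the
    TLS handshake between the browser and the server."""
    purposes = set(decode_eku(eku_der))
    return "SGC/Step-Up" if purposes & SGC_OIDS else "ordinary"


if __name__ == "__main__":
    # Constructed sample certificates, represented only by their EKU extension.
    ordinary = encode_eku([SERVER_AUTH])
    stepup = encode_eku([SERVER_AUTH, NS_SGC, MS_SGC])
    print(ordinary.hex(), "->", classify_cert(ordinary))   # ordinary
    print(stepup.hex(), "->", classify_cert(stepup))       # SGC/Step-Up
```

Run against a real certificate, the same classification is what `openssl x509 -noout -text` shows under "X509v3 Extended Key Usage": a Step-Up cert lists "Netscape Server Gated Crypto" and/or "Microsoft Server Gated Crypto" alongside "TLS Web Server Authentication"; an ordinary cert lists only the latter.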
  
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
