RE: I'm still so very confused about certificates
-Original Message-
From: Eric Murray [mailto:[EMAIL PROTECTED]]
Sent: Friday, August 25, 2000 10:04 PM
To: [EMAIL PROTECTED]
Subject: Re: I'm still so very confused about certificates

> The certificate has no effect on the type of symmetric encryption that SSL negotiates.

Funny... I was just about to post a question concerning the same matter :-)

I know how SSL works and that the certificate doesn't affect the symmetric encryption used after authentication, but I'm still confused. I intend to get a signed certificate from Verisign, but if I understand correctly (their web pages) they are actually selling certificates for 40 bit and for 128 bit encryption... how can this be? The 40 bit certificate is said to use 40 bit encryption with export-version browsers and 128 with domestic ones. The 128 bit certificate is said to always form a 128 bit enc. How can it be possible that with the 128 bit certificate one wouldn't have the ability of using 40 bit session keys?

Thank you for answering -- I'd be happy to hear that I have misunderstood something :-)

Yours
Ville

__
OpenSSL Project                 http://www.openssl.org
User Support Mailing List       [EMAIL PROTECTED]
Automated List Manager          [EMAIL PROTECTED]
RE: I'm still so very confused about certificates
Hi,

We have two keys: an RSA key for the certificate and a key for data encryption. When you read Verisign's pages you read about the RSA key length (certificate). It is possible to use any combination of key lengths for RSA and the symmetric algorithm, e.g. a 40 bit certificate and RC4-MD5 (128 bit) data encryption.

Regards
Yuriy Stul, Tashilon Ltd., Core Technology Division Manager
mailto:[EMAIL PROTECTED]
http://www.tashilon.com

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Wirta, Ville
Sent: Monday, August 28, 2000 8:15 AM
To: '[EMAIL PROTECTED]'
Subject: RE: I'm still so very confused about certificates
RE: I'm still so very confused about certificates
Hmmm, I'm not sure if I understand you correctly. Do you really mean that Verisign would be talking about RSA key lengths? That those keys were 40 or 128 bits long? That cannot be, since RSA is a public key algorithm and usually nowadays at least 1024 bits long.

My humble question is still in the air: why is Verisign selling two different(?) types of certificates?

Yours
Ville

-Original Message-
From: Yuriy Stul [mailto:[EMAIL PROTECTED]]
Sent: Monday, August 28, 2000 10:34 AM
To: [EMAIL PROTECTED]
Subject: RE: I'm still so very confused about certificates
Re: I'm still so very confused about certificates
On Mon, Aug 28, 2000 at 09:15:25AM +0300, Wirta, Ville wrote:
> > The certificate has no effect on the type of symmetric encryption that SSL negotiates.
>
> Funny... I was just about to post a question concerning the same matter :-)
>
> I know how SSL works and that the certificate doesn't affect the symmetric encryption used after authentication, but I'm still confused. I intend to get a signed certificate from Verisign, but if I understand correctly (their web pages) they are actually selling certificates for 40 bit and for 128 bit encryption... how can this be?

The Verisign site is a masterful display of obfuscation in the name of making cryptography easier to understand.

The "128-bit" certificates have X.509v3 extensions for "Server Gated Crypto" or "Step-up" that Netscape and Microsoft browsers recognize. This extension (it has nothing to do with the public key), when present, lets certain browsers which have code that recognizes the extension use strong non-export ciphersuites when talking to a server that sends an SGC cert.

As far as I know, there's no difference in the actual key size (and thus the strength) of Verisign's "40-bit" and "128-bit" certs. The "40-bit" certs should still allow strong crypto SSL/TLS sessions with non-export browsers... which is what all browsers should be soon, with the latest rev of the US export regs.

However, my previous statement is incorrect - it should have been "the server public key has no effect on the strength of symmetric encryption that SSL negotiates", as the presence of the SGC extension can allow an "export" browser to connect using a less insecure ciphersuite.

> The 40 bit certificate is said to use 40 bit encryption with export-version browsers and 128 with domestic ones. The 128 bit certificate is said to always form a 128 bit enc.

No, they say that the "128-bit" certs ENABLE 128-bit connections. (http://www.verisign.com/site/ssl.html#Difference) They just WANT you to think that it always makes a 128-bit ciphersuite.

It appears that other than the SGC extension, the purpose of the "128-bit" cert is to enable the removal of an extra $549 from the server operator's wallet.

--
Eric Murray http://www.lne.com/ericm ericm at lne.com PGP keyid:E03F65E5
Consulting Security Architect
Re: I'm still so very confused about certificates
> The certificate has no effect on the type of symmetric encryption that SSL negotiates.

Except that if you have to support older "export-strength crypto" browsers, then you can only have a 512bit key.
Re: I'm still so very confused about certificates
Rich Salz [EMAIL PROTECTED] writes:
> > The certificate has no effect on the type of symmetric encryption that SSL negotiates.
>
> Except that if you have to support older "export-strength crypto" browsers, then you can only have a 512bit key.

Only REALLY REALLY old browsers that only support SSLv2. SSLv3 has an ephemeral RSA scheme that lets you authenticate a 512-bit key with your 1024 bit signing key.

-Ekr
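The two mechanisms discussed in this thread, Eric's "Server Gated Crypto" step-up extension and Ekr's SSLv3 ephemeral-RSA export trick, are easy to confuse because both sit between "what key is in the certificate" and "what symmetric cipher gets negotiated". The following toy model of the SSL 3.0 cipher choice is an added example written for this thread; it is not code from the thread, from Verisign or from OpenSSL. It assumes a server that supports one strong and one export suite (the real SSL 3.0 names are used), treats SGC as an extendedKeyUsage OID (the standard Netscape and Microsoft values), ignores the 56-bit export suites mentioned later, and models an SSLv2 export client as one that has no ServerKeyExchange and so cannot accept a certificate key larger than 512 bits.

```python
from dataclasses import dataclass

# Extended-key-usage OIDs that mark a Server Gated Crypto ("step-up")
# certificate: the standard Netscape and Microsoft values (assumption of
# this example; the thread only names the extension, not its OIDs).
SGC_OIDS = {"2.16.840.1.113730.4.1", "1.3.6.1.4.1.311.10.3.3"}

# Largest RSA modulus an export cipher suite was allowed to encrypt to.
EXPORT_MAX_RSA_BITS = 512

# Cipher suites the toy server offers: name -> (symmetric key bits, export?)
SUITES = {
    "SSL_RSA_WITH_RC4_128_MD5": (128, False),
    "SSL_RSA_EXPORT_WITH_RC4_40_MD5": (40, True),
}
STRONG = [s for s, (_, exp) in SUITES.items() if not exp]
EXPORT = [s for s, (_, exp) in SUITES.items() if exp]


@dataclass(frozen=True)
class ServerCert:
    """The two properties of a server certificate that matter here."""
    rsa_bits: int                        # modulus size of the certified public key
    eku_oids: frozenset = frozenset()    # extendedKeyUsage OIDs present in the cert

    @property
    def has_sgc(self) -> bool:
        return bool(self.eku_oids & SGC_OIDS)


@dataclass(frozen=True)
class Browser:
    """A client profile: what it offers and whether it implements step-up."""
    name: str
    version: int                 # 2 for SSLv2, 3 for SSLv3
    export_only: bool            # export build: offers only export suites
    understands_sgc: bool = False

    def offered(self, cert: ServerCert) -> list:
        suites = list(EXPORT) if self.export_only else STRONG + EXPORT
        # Step-up: an export browser that has SGC code re-offers the strong
        # suites once it has seen a certificate carrying the extension.
        if self.export_only and self.understands_sgc and cert.has_sgc:
            suites = STRONG + suites
        return suites


def negotiate(client: Browser, cert: ServerCert) -> dict:
    """Pick the strongest suite both sides allow and decide whether the
    server must send a temporary RSA key to satisfy an export suite."""
    offered = client.offered(cert)
    suite = max(offered, key=lambda s: SUITES[s][0])
    sym_bits, is_export = SUITES[suite]
    needs_temp_key = is_export and cert.rsa_bits > EXPORT_MAX_RSA_BITS
    if needs_temp_key and client.version < 3:
        # SSLv2 has no ServerKeyExchange, so the certificate key itself
        # must fit the export limit; a bigger key cannot be served at all.
        raise ValueError(
            f"{client.name}: SSLv2 export client cannot use a "
            f"{cert.rsa_bits}-bit certificate key")
    return {
        "suite": suite,
        "symmetric_bits": sym_bits,
        # SSLv3 RSA_EXPORT: the server sends a 512-bit temporary RSA key in
        # ServerKeyExchange, signed with the (larger) certificate key.
        "ephemeral_rsa_bits": EXPORT_MAX_RSA_BITS if needs_temp_key else None,
    }


if __name__ == "__main__":
    # Constructed sample certificates: same 1024-bit key, one with the SGC EKU.
    plain = ServerCert(rsa_bits=1024)
    sgc = ServerCert(rsa_bits=1024, eku_oids=frozenset({"2.16.840.1.113730.4.1"}))
    clients = [
        Browser("domestic SSLv3", 3, export_only=False),
        Browser("export SSLv3, no SGC code", 3, export_only=True),
        Browser("export SSLv3 with SGC code", 3, export_only=True, understands_sgc=True),
    ]
    for cert in (plain, sgc):
        for c in clients:
            print(f"{c.name:28} cert has SGC={cert.has_sgc}: {negotiate(c, cert)}")
```

Running it shows the three points the thread makes: a domestic browser gets the 128-bit suite whichever certificate the server holds, so the certificate's key size never caps the symmetric strength; an export browser without SGC code still ends up with the 40-bit suite even against the "128-bit" certificate, which answers Ville's question; and only the SSLv2 export client is actually blocked by a 1024-bit certificate key, because SSLv3 can fall back to the signed 512-bit temporary key.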
Re: I'm still so very confused about certificates
There has been a generation of browsers supporting SSLv3 AND USA export restrictions as well: they were able to generate RSA keys limited to 512 bit length and symmetric keys up to 40 bits (upgraded to 56 recently). Using such a Netscape, for example, you were able to import a PKCS12 file containing an externally generated RSA 1024 bit (or greater) key pair and use it to establish an SSLv3 session, but it only creates 40 or 56 bit session keys for encryption.

pietro
Re: I'm still so very confused about certificates
"[EMAIL PROTECTED]" [EMAIL PROTECTED] writes:
> There has been a generation of browsers supporting SSLv3 AND USA export restrictions as well: they were able to generate RSA keys limited to 512 bit length and symmetric keys up to 40 bits (upgraded to 56 recently). Using such a Netscape, for example, you were able to import a PKCS12 file containing an externally generated RSA 1024 bit (or greater) key pair and use it to establish an SSLv3 session, but it only creates 40 or 56 bit session keys for encryption.

The size of the RSA keys in the browser is irrelevant because that key isn't used for confidentiality.

-Ekr
Re: I'm still so very confused about certificates
You are right; anyway, export restrictions have been almost removed or heavily modified, and maybe we are going off topic :-)

Pietro