httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Aaron W Morris <>
Subject Re: [users@httpd] SSL Question
Date Fri, 13 Feb 2004 19:30:21 GMT
Strader, William Alexander (WAX) wrote:

> How does a web browser decypher 256 bit encryption??
> Thanks,
> Billy S.
> WebPool
> Office: (865) 425-5178
> Pager: (865) 417-5012
> -----Original Message-----
> From: Aaron W Morris []
> Sent: Friday, February 13, 2004 1:30 PM
> To:
> Subject: Re: [users@httpd] SSL Question
> The max I have seen is AES 256bit (on a recent Apache2 install).
> Strader, William Alexander (WAX) wrote:
>>OK a user is asking some pretty weird questions and I believe I have the
>>correct answer however if someone wouldn't mind verifing my answers so I
>>know I am correct in my responce:
>>Why are we not using 3DES for SSL Keys?
>>3DES is only used to Network Encryption not Web Encryption.  The max a Web
>>Application can use for encryption is RC4 128bit. 
>>Is this correct???
>>Billy S.
>>Office: (865) 425-5178
>>Pager: (865) 417-5012

At least Mozilla does.   Cannot speak for IE (I cannot find where IE 
reports the cipher used).  You need to look at the docs for the 
SSLCipherSuite directive:

Any cipher that OpenSSL supports should be available to you.  The 
browser should auto-negotiate the highest level of security that both 
the server and browser support.

Aaron W Morris <> (decep)

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message