httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ARSLAN Ozgur <oars...@team-partners.com>
Subject [users@httpd] RE : [users@httpd] SSL Question
Date Fri, 13 Feb 2004 17:25:04 GMT
Hi,

RSA is used for the Key Exchange. 3Des is a cipher that can be used to
encrypt the private key. 3DES is the strongest cipher that you can use but
its use could be submitted to special permissions in some cases (US gov,
Banks, ...).
You can also use other ciphers with RSA Key Exchange : RC4, RC2, DES, MD5.
MD5 is the weakest cipher. It does not ensure encryption.

Openssl's "genrsa" command default key generation use md5, but you can
provide arguments to use others (see openssl genrsa -h).

You can use 3DES for SSL Keys as your user asks but be careful with US or
local laws. (with -des3 option).

For more information, have a look at :
http://docs.sun.com/source/816-6156-10/contents.htm


Cheers,
Ozgur.

-----Message d'origine-----
De : Strader, William Alexander (WAX) [mailto:straderw@y12.doe.gov] 
Envoyé : vendredi 13 février 2004 16:20
À : 'users@httpd.apache.org'
Objet : [users@httpd] SSL Question


OK a user is asking some pretty weird questions and I believe I have the
correct answer however if someone wouldn't mind verifing my answers so I
know I am correct in my responce:

Why are we not using 3DES for SSL Keys?

3DES is only used to Network Encryption not Web Encryption.  The max a Web
Application can use for encryption is RC4 128bit. 

Is this correct???

Thanks,

Billy S.
WebPool
Office: (865) 425-5178
Pager: (865) 417-5012

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info. To
unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Mime
View raw message