Table of Contents
Advertisement
Ciphers Used with SSL
Table K-1
Cipher Suites Supported by the SSL Protocol That Use the RSA Key-Exchange Algorithm
Strength Category and
Recommended Use
Exportable Cipher Suites
These cipher suites are not as
strong as those listed above, but
may be exported to most
countries (note that France
permits them for SSL but not for
S/MIME). They provide the
strongest encryption available
for exportable products.
Weakest Cipher Suite
This cipher suite provides
authentication and tamper
detection but no encryption.
Server administrators must be
careful about enabling it,
however, because data sent
using this cipher suite is not
encrypted and may be accessed
by eavesdroppers.
1. Note that for RC4 and RC2 ciphers, the phrase "40-bit encryption" means the keys are still 128 bits long, but only 40 bits have
cryptographic significance.
Fortezza Cipher Suites
Table K-2 lists additional cipher suites supported by Netscape products with
Fortezza. for SSL 3.0. Fortezza is an encryption system used by U.S. government
agencies to manage sensitive but unclassified information. It provides a hardware
implementation of two classified ciphers developed by the federal government:
Fortezza KEA and SKIPJACK. Fortezza ciphers for SSL use the Key Exchange
Algorithm (KEA) instead of the RSA key-exchange algorithm mentioned in the
preceding section, and use Fortezza cards and DSA for client authentication.
800
Managing Servers with Netscape Console • December 2001
Cipher Suites
RC4 With 40-Bit Encryption and MD5 Message Authentication
RC4 40-bit encryption permits approximately 1.1 * 10
possible keys. RC4 ciphers are the fastest of the supported ciphers.
Both SSL 2.0 and SSL 3.0 support this cipher.
Netscape Console supports only the SSL 3.0 version of this cipher suite.
1
RC2 With 40-Bit Encryption and MD5 Message Authentication
RC2 40-bit encryption permits approximately 1.1 * 10
possible keys. RC2 ciphers are slower than the RC4 ciphers.
Both SSL 2.0 and SSL 3.0 support this cipher.
Netscape Console supports only the SSL 3.0 version of this cipher suite.
No Encryption, MD5 Message Authentication Only
This cipher suite uses MD5 message authentication to detect tampering.
It is typically supported in case a client and server have none of the
other ciphers in common.
This cipher suite is supported by SSL 3.0 but not by SSL 2.0.
12
(a trillion)
12
(a trillion)
Advertisement
Table of Contents
Related Manuals for Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - ADMINISTRATOR
Related Products for Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - ADMINISTRATOR
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - ADMINISTRATOR
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - CUSTOMIZATION GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - PLUG-IN