Netscape MANAGEMENT SYSTEM 6.1 - ADMINISTRATOR Administrator's Manual page 801

Table K-2 Cipher Suites Supported by Netscape When Using Fortezza for SSL 3.0
Strength Category and
Recommended Use
Strong Fortezza Cipher Suites
Permitted for deployments
within the United States only.
These cipher suites support
encryption that is strong
enough for most business or
government needs.
Netscape Console does not
support these cipher suites.
Weakest Fortezza Cipher Suite
This cipher suite provides
authentication and tamper
detection but no encryption.
Server administrators must be
careful about enabling it,
however, because data sent
using this cipher suite is not
encrypted and may be accessed
by eavesdroppers.
Netscape Console does not
these cipher suites.
Cipher Suites
RC4 With 128-bit Encryption and SHA-1 Message Authentication
Like RC4 with 128-bit encryption and MD5 message authentication,
this cipher is one of the second strongest ciphers after Triple DES. It
permits approximately 3.4 * 10
to crack.
This cipher suite is supported by SSL 3.0 but not by SSL 2.0.
RC4 With SKIPJACK 80-Bit Encryption and SHA-1 Message
Authentication
The SKIPJACK cipher is a classified symmetric-key cryptographic
algorithm implemented in Fortezza-compliant hardware. Some
SKIPJACK implementations support key escrow using the Law
Enforcement Access Field (LEAF). The most recent implementations do
not.
This cipher suite is supported by SSL 3.0 but not by SSL 2.0.
No Encryption, SHA-1 Message Authentication Only
This cipher uses SHA-1 message authentication to detect tampering.
This cipher suite is supported by SSL 3.0 but not by SSL 2.0.
38
possible keys, making it very difficult
Appendix K
Ciphers Used with SSL
Introduction to SSL 801