cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: https: how many bit ist the certificate

From: Goetz Babin-Ebell <babinebell_at_trustcenter.de>
Date: Mon, 09 Dec 2002 18:19:24 +0100

J�rg M�ller-Tolk wrote:
> Hello all
Hello J�rg,

> I hope somebody is so kind to tell me more than "R T F M".
Read The TLS RFC ? ;-)

> I just don't find the information how many bit the encryption of https
> transmissions is, if I don't supply a certificate or change any settings.

The client certificate is never used in the transmission phase of SSL.
The client certificate is only used in the handshake
(And there only used to verify data signed with the private key...)

The actual session cipher (and the strength of the encryption)
is negotiated in the handshake.
Server and client have a list of supported session ciphers and in
the handshake one of these ciphers is selected.

If you want to set the encryption strength, you have to set the
ciphers to a list of ciphers with that have this strength.

For a list of ciphers and their strength use:

openssl ciphers -v

Bye

Goetz

-- 
Goetz Babin-Ebell, TC TrustCenter AG, http://www.trustcenter.de
Sonninstr. 24-28, 20097 Hamburg, Germany
Tel.: +49-(0)40 80 80 26 -0,  Fax: +49-(0)40 80 80 26 -126

-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

application/x-pkcs7-signature attachment: S/MIME Cryptographic Signature

Received on 2002-12-09

This message: [ Message body ]
Next message: RBramante_at_on.com: "RE: HTTP PUT performance issues"
Previous message: J�rg M�ller-Tolk: "https: how many bit ist the certificate"
In reply to: J�rg M�ller-Tolk: "https: how many bit ist the certificate"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]