[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SSL server experiment




In article <[email protected]>, you write:
> Here is a perl script which connects to a netscape-style "https" server.
> The results of running it with "https.pl home1.mcom.com 443" is:
> 
> Attempting connection to 198.93.93.10
> Connected
> Sent message, length 40
> Received length = 502
> Message type = 4
> Session ID Hit flag = 0
> Certificate type = 1
> Server version = 2
> Certificate length = 472
> Cipher specs length = 3
> Conn ID length = 16
> Supported ciphers:
>         RC4_EXPORT40, 128 bits
> 
> This way you can see which of the 5 cipher options (RC4 or RC2 in full
> and export versions, plus IDEA) are supported by any given server.  You
> always use port 443 and just specify the machine name.  I was a
> little surprised that Netscape's own server is only running the 40 bit
> version.  I hope the export restrictions will not prevent the use of
> full strength ciphers.

Cool!

The 1.1 version of server&client will support 128 bit stuff...The 128
bit client will not be available for ftp though...bloody export laws

---------------------------------------------------------------------
Kipp E.B. Hickman          Netscape Communications Corp.
[email protected]              http://www.mcom.com/people/kipp/index.html