1994-12-22 - Re: SSL server experiment

Header Data

From: kipp@warp.mcom.com (Kipp E.B. Hickman)
To: hfinney@shell.portal.com
Message Hash: 35fdd14a4c7aefcc26688273b240ece6c6e63161a20316bc72c276f24da8de30
Message ID: <9412221854.AA10294@warp.mcom.com>
Reply To: N/A
UTC Datetime: 1994-12-22 18:59:14 UTC
Raw Date: Thu, 22 Dec 94 10:59:14 PST

Raw message

From: kipp@warp.mcom.com (Kipp E.B. Hickman)
Date: Thu, 22 Dec 94 10:59:14 PST
To: hfinney@shell.portal.com
Subject: Re: SSL server experiment
Message-ID: <9412221854.AA10294@warp.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain



In article <199412200623.WAA11611@jobe.shell.portal.com>, you write:
> Here is a perl script which connects to a netscape-style "https" server.
> The results of running it with "https.pl home1.mcom.com 443" is:
> 
> Attempting connection to 198.93.93.10
> Connected
> Sent message, length 40
> Received length = 502
> Message type = 4
> Session ID Hit flag = 0
> Certificate type = 1
> Server version = 2
> Certificate length = 472
> Cipher specs length = 3
> Conn ID length = 16
> Supported ciphers:
>         RC4_EXPORT40, 128 bits
> 
> This way you can see which of the 5 cipher options (RC4 or RC2 in full
> and export versions, plus IDEA) are supported by any given server.  You
> always use port 443 and just specify the machine name.  I was a
> little surprised that Netscape's own server is only running the 40 bit
> version.  I hope the export restrictions will not prevent the use of
> full strength ciphers.

Cool!

The 1.1 version of server&client will support 128 bit stuff...The 128
bit client will not be available for ftp though...bloody export laws

---------------------------------------------------------------------
Kipp E.B. Hickman          Netscape Communications Corp.
kipp@mcom.com              http://www.mcom.com/people/kipp/index.html







Thread