On Mon, Jun 25, 2001 at 04:30:38PM -0700, Scott Miller wrote: > quote: > The ciphersuites that would seem to suit your needs are > SSL_RSA_WITH_NULL_MD5 and SSL_RSA_WITH_NULL_SHA. They use export > strength RSA for authentication (512 bit), no encryption and either a > MD5 or an SHA MAC. There are no SSL ciphersuites without a MAC.
Better yet, be upto date: TLS_RSA_WITH_NULL_SHA (0x0002) and TLS_RSA_WITH_NULL_MD5 (0x0001). The PureTLS Java package is pretty well respected. However, with SSL/TLS the client offers a list of ciphers and the server picks one. If the client doesn't offer *_NULL_* then you can't pick it and I don't know of any browsers which offer this* because SSLv2 was venerable to a downgrade attack. * Netscape: Nope - and I can't see any option to enable it Konqueror: Disabled by default, but it can do it AGL -- If you think things can't get worse it's probably only because you lack sufficient imagination. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 240 bytes Desc: not available URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20010626/3e893ec4/attachment.pgp>
