Doing some poking around in the list archives and some sites on the net, I
see how one can require remote connections to use 128-bit RC4 encryption.
Setting aside the debate on whether or not this algorithm qualifies as
secure or insecure, this is a symmetric algorithm. As sending the key in
the clear would be a major faux pas, does anyone know what mechanism this
app uses to do secure key exchange? Does it just borrow a browser cert to
do a DH exchange?
Any insights would be appreciated.
Thanks,
Scott
