Patrick wrote: > > Is the SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA cipher an SSL 3 cipher? > And what about the SSL_RSA_FIPS_WITH_DES_CBC_SHA? > Why the SSL_ prefix? > > -- POC
The complete history and definition of the SSL3 "FIPS" ciphersuites is given in http://www.mozilla.org/projects/security/pki/nss/ssl/fips-ssl-ciphersuites.html They are not official SSL3 or TLS ciphersuites. They are a hybrid of SSL3 and TLS. Their use is deprecated now that TLS is an RFC and is widely implemented, because it is believed that TLS can be considered FIPS compliant when used with ciphersuites that feature only FIPS compliant algorithms. -- Nelson Bolyard Disclaimer: I speak for myself, not for Netscape
