So, in a nutshell openssl doesn't have the ability to create 128-bit
self-signed CA's?
- WW Jr.
Dr S N Henson wrote:
> "Auteria Wally Winzer Jr." wrote:
> >
> > The goal:
> >
> > To generate a 128-bit self-signed CA.
> >
>
> That has little to do with the CA certificate and more to do with the
> software being used. If clients can only make 40 bit SSL connections
> then the clients probably only support 40 bit SSL (the old export
> crippled software) and needs upgrading to 128 bits.
>
> Well actually that's not the whole story. Some certificates signed by a
> special CA can enable 40 bit clients to use 128 bit connections but you
> can't readily create those yourself because they wont be signed by the
> (hard coded) special CA.
>
> Steve.
> --
> Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
> Personal Email: [EMAIL PROTECTED]
> Senior crypto engineer, Celo Communications: http://www.celocom.com/
> Core developer of the OpenSSL project: http://www.openssl.org/
> Business Email: [EMAIL PROTECTED] PGP key: via homepage.
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
S/MIME Cryptographic Signature
