Are you saying that I can't implement AES with x.509 ?
Thanks, Tom From: [email protected] [mailto:[email protected]] On Behalf Of Greg Keogh Sent: Tuesday, 27 December 2011 3:19 PM To: 'ozDotNet' Subject: RE: makecert fixed on RSA ? I'm doing some research on certificates it seems that when makecert in windows server 2008 is used you don't get a choice on the certificate's algorithm? It defaults to RSA for key exchange ? looking at the extended option in makecert it only has the option of allowing to change the signature algorithm as opposed to the encryption algorithm? What can I do if I wanted to use AES just as an example. Dunno if this helps, but RSA is a bit of a performance burden and usually used for encrypting small amounts of data such as keys. AES is a comparatively efficient block cipher. RSA uses a key-pair and AES uses one key, so they are designed for different purposes. DSA is usually used for making signatures. I think you're mixing up the algorithms. Greg
