[EMAIL PROTECTED] wrote:
> My financial instituion has introduced on-line banking, with 128-bit
> encryption. According to their web site, they are using RSA, which SSLeay
> 0.6.6 does not support, but which current versions do. Can a newer version of
Erm, the SSLeay lib used in V2.95 *does* do RSA. In fact, the original SSL
v2 specification *only* has RSA as a method of the initial key exchanges,
so without RSA, nothing would work.
> SSLeay be patched to V2.95 or will we have to wait for the next generation of
> Voyager, and when it arrives, will it have this latest version of SSLeay?
SSLeay itself is being discontinued, as both of the core authors
are working for RSA Inc. Australia now :)
I'm moving to OpenSSL now (http://www.openssl.org). This also supports
Diffie-Hellmann for the assymetric cipher exchanges, and implements SSL v3
and TLS v1 protocols. TLS (Transport Layer Security) is the proposed
IETF standard for encrypted and authenticated socket connections and,
on the long run, will eventually outphase the Netscape-proprietary
SSL and the MS-proprietary PCT protocols.
Olli
--
� Oliver Wagner <[EMAIL PROTECTED]>
� http://www.vapor.com
� finger [EMAIL PROTECTED]