home | O'Reilly's CD bookshelfs | FreeBSD | Linux | Cisco | Cisco Exam    

Book HomeApache: The Definitive GuideSearch this book

13.8. Cipher Suites

The SSL protocol does not restrict clients and servers to a single encryption brew for the secure exchange of information. There are a number of possible cryptographic ingredients, but as in any cookpot, some ingredients go better together than others. The seriously interested can refer to Bruce Schneier's Applied Crytography ( John Wiley & Sons), in conjunction with the SSL specification (from http://www.netscape.com/). The list of cipher suites is in the SSLeay software at ... /ssl/ssl.h. The macro names give a better idea of what is meant than the text strings.

SSLeay name

Config name

Keysize

EncryptedKeysize

SSL3_TXT_RSA_IDEA_128_SHA
IDEA-CBC-SHA

128

128

SSL3_TXT_RSA_NULL_MD5
NULL-MD5

0

0

SSL3_TXT_RSA_NULL_SHA
NULL-SHA

0

0

SSL3_TXT_RSA_RC4_40_MD5
EXP-RC4-MD5

128

40

SSL3_TXT_RSA_RC4_128_MD5
RC4-MD5

128

128

SSL3_TXT_RSA_RC4_128_SHA
RC4-SHA

128

128

SSL3_TXT_RSA_RC2_40_MD5
EXP-RC2-CBC-MD5

128

40

SSL3_TXT_RSA_IDEA_128_SHA
IDEA-CBC-MD5

128

128

SSL3_TXT_RSA_DES_40_CBC_SHA
EXP-DES-CBC-SHA

56

40

SSL3_TXT_RSA_DES_64_CBC_SHA
DES-CBC-SHA

56

56

SSL3_TXT_RSA_DES_192_CBC3_SHA
DES-CBC3-SHA

168

168

SSL3_TXT_DH_DSS_DES_40_CBC_SHA
EXP-DH-DSS-DES-CBC-SHA

56

40

SSL3_TXT_DH_DSS_DES_64_CBC_SHA
DH-DSS-DES-CBC-SHA

56

56

SSL3_TXT_DH_DSS_DES_192_CBC3_SHA
DH-DSS-DES-CBC3-SHA

168

168

SSL3_TXT_DH_RSA_DES_40_CBC_SHA
EXP-DH-RSA-DES-CBC-SHA

56

40

SSL3_TXT_DH_RSA_DES_64_CBC_SHA
DH-RSA-DES-CBC-SHA

56

56

SSL3_TXT_DH_RSA_DES_192_CBC3_SHA
DH-RSA-DES-CBC3-SHA

168

168

SSL3_TXT_EDH_DSS_DES_40_CBC_SHA
EXP-EDH-DSS-DES-CBC-SHA

56

40

SSL3_TXT_EDH_DSS_DES_64_CBC_SHA
EDH-DSS-DES-CBC-SHA

56

SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA
EDH-DSS-DES-CBC3-SHA

168

168

SSL3_TXT_EDH_RSA_DES_40_CBC_SHA
EXP-EDH-RSA-DES-CBC

56

40

SSL3_TXT_EDH_RSA_DES_64_CBC_SHA
EDH-RSA-DES-CBC-SHA

56

56

SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA
EDH-RSA-DES-CBC3-SHA

168

168

SSL3_TXT_ADH_RC4_40_MD5
EXP-ADH-RC4-MD5

128

40

SSL3_TXT_ADH_RC4_128_MD5
ADH-RC4-MD5

128

128

SSL3_TXT_ADH_DES_40_CBC_SHA
EXP-ADH-DES-CBC-SHA

128

40

SSL3_TXT_ADH_DES_64_CBC_SHA
ADH-DES-CBC-SHA

56

56

SSL3_TXT_ADH_DES_192_CBC_SHA
ADH-DES-CBC3-SHA

168

168

SSL3_TXT_FZA_DMS_NULL_SHA
FZA-NULL-SHA

0

0

SSL3_TXT_FZA_DMS_RC4_SHA
FZA-RC4-SHA

128

128

MD5_1
DES-CFB-M1

56

56

SSL2_TXT_RC2_128_CBC_WITH_MD5
RC2-CBC-MD5

128

128

SSL2_TXT_DES_64_CBC_WITH_MD5
DES-CBC-MD5

56

56

SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5
DES-CBC3-MD5

168

168

SSL2_TXT_RC4_64_WITH_MD5
RC4-64-MD5

64

64

SSL2_TXT_NULL
NULL

0

0

For most purposes, the webmaster does not have to bother with all this, but some of the following directives need entries from this list.



Library Navigation Links

Copyright © 2001 O'Reilly & Associates. All rights reserved.











??????????????@Mail.ru