| Author | Forum: PowerTCP SSL for ActiveX Topic: Which Encryption Method? |
| larryd From: Bremen, IN USA Posts: 12 Member Since: 02/26/01 |
posted December 4, 2002 12:41 PM We have the SSL tool. I am being asked by the higher ups which method ssl2 ssl3 tls pct would be considered the most secure. It is OUR sever and client so we can fix the method. We also generate our own certificates using Microsoft certificate server. Also, they are asking about DES and 3DES. They are hoping the tool uses 3DES. As you can tell by the questions, I'm not that familiar with the underlying theory. I've made the tools work, and they work fine. Can you please fill me in on the most secure of the Four, and the ting about DES or 3DES. Thanks, Larry |
Alex Gladshtein From: Rome, NY USA Posts: 131 Member Since: 12/27/00 |
posted December 4, 2002 4:54 PM Hello Larry, TLS, otherwise known as SSL 3.1, is currently considered the most secure, although many older servers only support SSL 3.0. Best Regards, Alex Gladshtein |
| larryd From: Bremen, IN USA Posts: 12 Member Since: 02/26/01 |
posted December 4, 2002 6:06 PM >TLS, otherwise known as SSL 3.1, is currently >considered the most secure, although many older >servers only support SSL 3.0. Thanks, now, is there a way for me to find out which encryption algorithm the DART tools use? Larry |
K M Drake From: Utica, NY USA Posts: 3406 Member Since: 07/14/00 |
posted December 6, 2002 1:53 PM Hi Larry, There is a Protocol property that can be examined and set to the protocol of choice. -ken |
| larryd From: Bremen, IN USA Posts: 12 Member Since: 02/26/01 |
posted December 6, 2002 3:09 PM Ken: Thanks. I knew how to set the protocol. I wanted to know how to force the tool to use a specific cipher. For instance if I want 3DES, how do I force the tool to use that on both ends? Larry |
| Alex Gladshtein From: Rome, NY USA Posts: 131 Member Since: 12/27/00 |
posted December 6, 2002 4:01 PM Hello Larry, We currently default to the standard RC4. Internally we have enumerated all the ciphers, but don't expose them or let the end-user set them, because frankly, nobody has ever asked. At the present time there is no way to set the value, but I will mark it as a feature request. If this is urgent for you, we have custom development options that will enable you to have features added to the product based on your needs (some free development options are also available to Elite Support customers). Otherwise, I will submit this as a feature request and have the development staff review this the next time there is a scheduled update to the product. Let us know if you are interested in any customizations. Best Regards, Alex Gladshtein |
| Alex Gladshtein From: Rome, NY USA Posts: 131 Member Since: 12/27/00 |
posted December 6, 2002 4:13 PM Larry, Just to clarify, our client will use whatever cipher the server requests, and our server will normally request RC4 from a client. So, if you are talking with a server that requests 3DES, then the client will respond in such a fashion. Regards, Alex Gladshtein |
| larryd From: Bremen, IN USA Posts: 12 Member Since: 02/26/01 |
posted December 6, 2002 5:35 PM Thanks Alex. This is a governemnt application and my understanding is that RC4 hasn't been approved for government use but 3DES is. I did some research and found that I could enable or disable all the ciphers via the registry. If on my server machines I disable all but 3DES, then I guess that means we'll be using 3DES. It would be nice though for a future update to allow cipher select. Larry |
| JimPinkston Jim.Pinkston@gogallagher.com From: Brentwood, TN USA Posts: 5 Member Since: 05/15/03 |
posted May 29, 2003 10:55 AM Does setting the 3DES in the registry work? Have you added the ability to set the Cypher method yet? |
| Reply | Return to search results | Forums |
This site is powered by
PowerTCP WebServer for ActiveX
|