Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

SSL/ RSA type encryption

1 view
Skip to first unread message

Alex Liberman

unread,
Nov 24, 1998, 3:00:00 AM11/24/98
to
Hello,

The (Mac/Powerplant) application I am building will need to access a secure
site, standard https/SSL 40-bit encryption. Do I need anything else besides
the MD5 library that comes with Powerplant's Internet classes?

I expect something more complicated is required, since a SSL program needs
to keep track of the site certificate, generate the public/private keys,
etc.

Thanks, -Alex

Miro Jurisic

unread,
Nov 25, 1998, 3:00:00 AM11/25/98
to
In article <365b6d11$0$12...@nntp1.ba.best.com>, "Alex Liberman"
<ale...@well.com> wrote:

>The (Mac/Powerplant) application I am building will need to access a secure
>site, standard https/SSL 40-bit encryption. Do I need anything else besides
>the MD5 library that comes with Powerplant's Internet classes?

MD5 is not encryption, it is message digest. Message digests are one way
hashes. So, to cut the long story short, MD5 has nothing to do with with
RSA or SSL.

meeroh

--
--

mee...@mit.edu | <http://www.mit.edu/people/meeroh/> | MIT I/S Mac developer
"Computers! All they ever think of is hex!"

matt...@my-dejanews.com

unread,
Nov 26, 1998, 3:00:00 AM11/26/98
to
In article <365b6d11$0$12...@nntp1.ba.best.com>,
"Alex Liberman" <ale...@well.com> wrote:
> The (Mac/Powerplant) application I am building will need to access a secure
> site, standard https/SSL 40-bit encryption. Do I need anything else besides
> the MD5 library that comes with Powerplant's Internet classes?
>
> I expect something more complicated is required, since a SSL program needs
> to keep track of the site certificate, generate the public/private keys,
> etc.

Yes, a lot more is needed. Look at
http://www.psy.uq.edu.au/~ftp/Crypto/ssleay/ for open code SSL. Since it is
Unix sockets code, you may need to use GUSI underneath it. I haven't yet
done enough in PowerPlant networking to know what needs to be done. Note
that in the US, RSA must be licensed for commercial use. 40 bit encryption is
of dubious worth, but of course you knew that.

I'm hoping someone else will jump in here and point to more Mac-specific code.

In fact, Rolf Braun has apparently implemented Secure Shell (SSH) support in
a BetterTelnet beta. SSH uses many of the same encryption, digesting,
hashing, and public-key cryptosystem pieces as SSL, so you might try asking
around for that code. Or hiring him. (He has posted earlier versions of the
BetterTelnet beta source.) Of course, any code to do these probably falls
under US Commerce export restrictions if it is sent to people outside the US
and Canada (e.g., posted publicly). Don't get me started; of course that
sucks.

HTH, Matt

-----------== Posted via Deja News, The Discussion Network ==----------
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own

Alex Liberman

unread,
Nov 26, 1998, 3:00:00 AM11/26/98
to
Thanks for the info,

So 40 bit encryption isn't public domain yet? My budget doesn't allow for
the $25,000 licensing fee for RSA (I think that is what it was?)
I only have $24,999.98 available to spend (just kidding!)

Bernie Wieser

unread,
Nov 26, 1998, 3:00:00 AM11/26/98
to
Yeah, you need to license from RSA for the better encryption... what does
the host expect? (Can you get away with DES?) Also, you might need a
certificate (yeehaw, $300 a year
to ******** or some other parasite.)

Alex Liberman wrote in message <365b6d11$0$12...@nntp1.ba.best.com>...
>Hello,


>
>The (Mac/Powerplant) application I am building will need to access a secure
>site, standard https/SSL 40-bit encryption. Do I need anything else besides
>the MD5 library that comes with Powerplant's Internet classes?
>
>I expect something more complicated is required, since a SSL program needs
>to keep track of the site certificate, generate the public/private keys,
>etc.
>

>Thanks, -Alex
>

0 new messages