× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. January 2001

Re: HTTPS on an iSeries Server?







Sean,

Thanks for getting back to me!  Just a couple of things:


>> Also, if in the future I
>> want to require a successful handshake to get a certain URL, can I have
an
>> environment where for some URL's client authentication is "None" and
some
>> it's "Required"?  How would I do this?

> I'm sure you can, but I haven't done it.

Anyone else hout there done this?


>> If I have separate test and production servers on separate boxes, do I
need
>> to get two certificates, or can I use the same one on both boxes?

>If the test box is for your use and not for the public, it's possible. I
>think you need the server key as well as the certificate.  I haven't
>tried it....

The test box is also the recovery box in case our production box goes down,
so I guess I'll need two certificates.  No big deal.

>> Are any of you guys using encryption higher than 40 bit?  I keep a copy
of
>> 128 bit Netscape on my machine, but the only site I visit that uses it
is
>> my broker's.  I'm a little leery of using anything higher than 40 bit,
as
>> most PC's ship with 40 bit IE, and users are generally not very happy
when
>> you make them do things like upgrade their browsers.

> I love 128 bit encryption.  The more the merrier!  In general, a client
> will use a key as long as it supports.  128 bit just means the server
> ALLOWS up to 128 bit.  It should still accept the first 40 from a client
> that doesn't support more (although I think the new standard has changed
> to 56 from 40.)  IMHO, no-one should do any e-commerce or banking (as a
> customer) with less than 128 bit encryption.

So unless you FORCE someone to use 128 bit encryption (like my broker
does), I can buy myself a 128 bit certificate and any SSL compliant browser
will be able to communicate at whatever encryption level it can handle?
Sounds cool!  I wholeheartedly agree with not using less than 128 bit
encryption, but I also know that I can't force my users to download new
browsers.

Thanks again for all your help!
Mike Eovino
Estes Express Lines
http://www.estes-express.com

The views, opinions, and judgments expressed in this message are solely
those of the author.  The message contents have not been reviewed or
approved by Estes Express Lines

This communication is confidential and is intended to be privileged.  If
there is a problem with this transmission, please contact the sender.  If
the reader of this message is not the intended recipient, or the employee
or agent responsible to deliver it to the intended recipient, you are
hereby notified that any dissemination, distribution or copying of this
communication is strictly prohibited.




+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.