|
|
|
|||||||
| Notices |
 |
|
|
Thread Tools | Display Modes |
28-08-2007, 01:23 PM
|
#1 |
|
Guest
Posts: n/a
|
IE7 Vista - Determining 256 bit AES
So I understand in Vista with IE7, 256 bit AES SSL is supported.
During an SSL session, if in IE7 I go help about, I see 256 bit cipher strength. However, this is also reported when in HTTP mode only. Also when in an SSL session viewing the certificates properties does not indicate to me the bit length of the *actual* ssl session. So how do I determine if say I am in a 128bit or 256bit ssl session in IE7 on Vista? Thanks. |
|
|
28-08-2007, 01:23 PM
|
#2 |
|
Guest
Posts: n/a
|
Re: IE7 Vista - Determining 256 bit AES
The choice of ciphers is a negotiation between the browser and the server.
When a browser makes an HTTPS connection to a web server, the server offers a list of the cipher suites it can use. The client then chooses the strongest that it can also support. The cipher suite is a list of the encryption protocols used for authentication and key exchange. I don't know of any tools that can display which suite the browser selected. It would have to eavesdrop on the beginning of the handshake and watch which suite is selected from the list of those offered. Steve Riley "Bathrone" <> wrote in message news:#.gbl... > So I understand in Vista with IE7, 256 bit AES SSL is supported. > > During an SSL session, if in IE7 I go help about, I see 256 bit cipher > strength. However, this is also reported when in HTTP mode only. Also when > in an SSL session viewing the certificates properties does not indicate to > me the bit length of the *actual* ssl session. > > So how do I determine if say I am in a 128bit or 256bit ssl session in IE7 > on Vista? > > Thanks. |
|
|
|
28-08-2007, 01:23 PM
|
#3 |
|
Guest
Posts: n/a
|
Re: IE7 Vista - Determining 256 bit AES
Steve thankyou for your reply. AFAIK Mozilla Firefox easily indicates to the
user the bit strength of AES as per the URL below: https://256.xramp.com/img/mo_xramp.gif I suggest to Microsoft that users are interested in knowing if they have 128 or 256 bit aes ssl in their session. |
|
|
|
14-02-2009, 01:20 AM
|
#4 | |
|
Newbie
Join Date: Feb 2009
Age: 39
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
Rep Power: 0
 OS:
|
Re: IE7 Vista - Determining 256 bit AES
Apologies for bumping an old thread, but I think there is some misinformation that should be corrected here in case anyone else gets this result while googling like I did.
Steve Riley is slightly incorrect. The choice of ciphers IS a negotiation between the client and the server, but the order is reversed here. During the handshake the client hello message comes first, in which the browser reports a list of the cipher suites it supports. The server responds with either a server hello which tells the browser which of those suites has been chosen for the session, or a failed handshake message which forces the client to disconnect. A small thing, but since Steve's answer has some authority, coming as it does from Microsoft, it might throw people off track when they're trying to debug SSL problems. Quote:
|
|
|
|
|
| Thread Tools | |
| Display Modes | |
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| IE7 Vista - Determining 256 bit AES | Bathrone | Windows Security | 2 | 28-08-2007 01:22 PM |
| Help determining what to do with files | chikbrite | Windows Security | 3 | 28-08-2007 01:13 PM |
| Help determining what to do with files | chikbrite | Windows Security | 1 | 28-08-2007 01:11 PM |
| Determining when an account last logged in | M.Siler | Windows Server 2003 | 6 | 28-08-2007 10:24 AM |
| Determining who is logged into a PC | JohnB | Windows Server 2003 | 16 | 28-08-2007 09:13 AM |
< Windows Help - MS Office Help - Hardware Support >
| New To Site? | Need Help? |
Linear Mode
