[apple/security.git] / SecureTransport / README

                     SecureTransport notes
                       14 Feb 2002 dmitch

-- Server-side cert usage and configuration is highly application dependent. 

   -- Although the use of server-initiated key exchange is optional under
      the SSL3 spec, Netscape browsers (4.61 through 4.75) will not tolerate
	  this operation unless an exportable cipher is selected. The current 
	  configuration of the library will attempt to perform server-initiated
	  key exchange if and only if the app has specified an encryption 
	  certificate via SSLSetEncryptionCertificate(). Thus, in a config
	  which is required to work with Netscape browsers, if non-export
	  (i.e., strong) ciphers are to be supported, encryption certs
	  must NOT be specified, and the server cert specified in SSLSetCertificate()
	  must be capable of both signing and encryption. This applies to the underlying
	  keys as well. 
	  
   -- On top of that, even in a situation where Netscape will allow a server-
      initiated key exchange (export cipher, app specifies both kinds of certs),
	  Netscape will abort if the *signing-only* cert (specified in 
	  SSLSetCertificate()) is not capable of encryption! In this case that cert
	  is never even used for encryption. But that is the real world. 
	
	  Thus, to work with Netscape browsers with export-grade ciphers, the main
	  signing cert still has to be capable of encryption, even if the app specifies
	  a separate encryption cert. 
	  
   -- The SSL_SERVER_KEYEXCH_HACK flag, in sslBuildFlags.h, was previously used
      to work around the above-mentioned Netscape bug; when this flag is true,
	  server-initiated key exchange is only performed if an encrypting cert is
	  specified AND an export-grade cipher is selected. The current config has
	  this flag set false. 
	  
   -- SSL2 server-side operation requires the presence of a cert and key which is 
      capable of encryption (not signing). One cert, specified in SSLSetCertificate(),
	  can support both SSL2 and SSL3 if and only if it is capable of both signing
	  and encryption.
	  
-- Server mode operation with IE is fully functional and reliable. There is a 
   bug in IE which is worked around in SSLEncodeServerHello(), in hdskhelo.c.
   See comments there. Tested with IE 5.0 on OS 9 and 5.1.3 on OS X.  
   
-- Server untested with Windows clients. 

-- Client authentication is not tested.
Commit	Line	Data
29654253 A	1	SecureTransport notes
	2	14 Feb 2002 dmitch
	3
	4	-- Server-side cert usage and configuration is highly application dependent.
	5
	6	-- Although the use of server-initiated key exchange is optional under
	7	the SSL3 spec, Netscape browsers (4.61 through 4.75) will not tolerate
	8	this operation unless an exportable cipher is selected. The current
	9	configuration of the library will attempt to perform server-initiated
	10	key exchange if and only if the app has specified an encryption
	11	certificate via SSLSetEncryptionCertificate(). Thus, in a config
	12	which is required to work with Netscape browsers, if non-export
	13	(i.e., strong) ciphers are to be supported, encryption certs
	14	must NOT be specified, and the server cert specified in SSLSetCertificate()
	15	must be capable of both signing and encryption. This applies to the underlying
	16	keys as well.
	17
	18	-- On top of that, even in a situation where Netscape will allow a server-
	19	initiated key exchange (export cipher, app specifies both kinds of certs),
	20	Netscape will abort if the signing-only cert (specified in
	21	SSLSetCertificate()) is not capable of encryption! In this case that cert
	22	is never even used for encryption. But that is the real world.
	23
	24	Thus, to work with Netscape browsers with export-grade ciphers, the main
	25	signing cert still has to be capable of encryption, even if the app specifies
	26	a separate encryption cert.
	27
	28	-- The SSL_SERVER_KEYEXCH_HACK flag, in sslBuildFlags.h, was previously used
	29	to work around the above-mentioned Netscape bug; when this flag is true,
	30	server-initiated key exchange is only performed if an encrypting cert is
	31	specified AND an export-grade cipher is selected. The current config has
	32	this flag set false.
	33
	34	-- SSL2 server-side operation requires the presence of a cert and key which is
	35	capable of encryption (not signing). One cert, specified in SSLSetCertificate(),
	36	can support both SSL2 and SSL3 if and only if it is capable of both signing
	37	and encryption.
	38
	39	-- Server mode operation with IE is fully functional and reliable. There is a
	40	bug in IE which is worked around in SSLEncodeServerHello(), in hdskhelo.c.
	41	See comments there. Tested with IE 5.0 on OS 9 and 5.1.3 on OS X.
	42
	43	-- Server untested with Windows clients.
	44
	45	-- Client authentication is not tested.
	46