The U.S. regulates products used for encryption and prohibits their export unless their key size is strictly limited. This chapter summarizes the key sizes and the SSL encryption modes for U.S. and export products. These key sizes and encryption modes are dictated by U.S. export rules.
Customers in the U.S. and Canada can install the U.S.-Canadian version or the export version of the Internet Connection Secure Server.
Public and private keys are used to encrypt and decrypt messages, data, and message digests. They are also used for creating message digests as part of digital signature.
The U.S.-Canadian version of the server can do the following:
The export version of the server can do the following:
As US export laws are updated, the supported key lengths and algorithms are subject to change. Refer to the Internet Connection Family web site at http://ics.raleigh.ibm.com for the latest information.
SSL uses a security handshake to initiate the TCP/IP connection between the client and the server. During the handshake, the client and server agree on the level of security they will use, and the client authenticates the server. After that, SSL is used to encrypt and decrypt the information in both the request and the server response.