There are four categories of security characteristics:
Simple The predefined characteristics sybpks_simple and sybpks_simple_mutual_auth offer authentication but no encryption.
Strong The predefined characteristics sybpks_strong and sybpks_strong_mutual_auth offer greater domestic encryption strength.
Domestic All characteristics are suitable for domestic use. Clients using international cipher suites can connect to servers using domestic security characteristics.
International Because of export regulations, only these characteristics are suitable for export:
sybpks_simple
sybpks_simple_mutual_auth
sybpks_intl
sybpks_intl_mutual_auth
Table 13-2 lists the name, the level of authentication, and the supported cipher suites for each security characteristic. Table 13-1 describes the cipher suites listed here.
Name of characteristic |
Authenticates |
Cipher suites |
|---|---|---|
sybpks_simple |
server |
SSL_RSA_WITH_NULL_SHA SSL_RSA_WITH_NULL_MD5 |
sybpks_simple_mutual_auth |
client/server |
SSL_RSA_WITH_NULL_SHA SSL_RSA_WITH_NULL_MD5 |
sybpks_strong |
server |
SSL_RSA_WITH_3DES_EDE_CBC_SHA SSL_RSA_WITH_RC4_128_SHA SSL_RSA_WITH_RC4_128_MD5 |
sybpks_strong_mutual_auth |
client/server |
SSL_RSA_WITH_3DES_EDE_CBC_SHA SSL_RSA_WITH_RC4_128_SHA SSL_RSA_WITH_RC4_128_MD5 |
sybpks_intl |
server |
SSL_RSA_EXPORT_WITH_RC4_40_MD5 SSL_RSA_EXPORT_WITH_DES40_CBC_SHA SSL_RSA_WITH_NULL_SHA SSL_RSA_WITH_NULL_MD5 |
sybpks_intl_mutual_auth |
client/server |
SSL_RSA_EXPORT_WITH_RC4_40_MD5 SSL_RSA_EXPORT_WITH_DES40_CBC_SHA SSL_RSA_WITH_NULL_SHA SSL_RSA_WITH_NULL_MD5 |
sybpks_domestic |
server |
SSL_RSA_WITH_3DES_EDE_CBC_SHA SSL_RSA_WITH_RC4_128_SHA SSL_RSA_WITH_RC4_128_MD5 SSL_RSA_WITH_DES_CBC_SHA SSL_RSA_EXPORT_WITH_RC4_40_MD5 SSL_RSA_EXPORT_WITH_DES40_CBC_SHA SSL_RSA_WITH_NULL_SHA SSL_RSA_WITH_NULL_MD5 |
sybpks_domestic_mutual_auth |
client/server |
SSL_RSA_WITH_3DES_EDE_CBC_SHA SSL_RSA_WITH_RC4_128_SHA SSL_RSA_WITH_RC4_128_MD5 SSL_RSA_WITH_DES_CBC_SHA SSL_RSA_EXPORT_WITH_RC4_40_MD5 SSL_RSA_EXPORT_WITH_DES40_CBC_SHA SSL_RSA_WITH_NULL_SHA SSL_RSA_WITH_NULL_MD5 |
sybpks_domestic_anon |
none |
SSL_DH_anon_WITH_3DES_EDE_CBC_SHA SSL_DH_anon_WITH_RC4_128_MD5 SSL_DH_anon_WITH_DES_CBC_SHA The sybpks_domestic_anon profile is used for anonymous Diffie-Hellman communications. Neither the client nor the server is authenticated. |
| Copyright © 2005. Sybase Inc. All rights reserved. |
|
|
