Re: SSL and Netscape

[Khanh Quoc Nguyen <qnguyen@cit.nepean.uws.edu.au>]

Hello ba'c Ai Viet.

>    Nghe no'i Netscape va` IE browsers dde^`u co' du`ng SSL dde^? trao
> ddo^?i tho^ng tin giu+~a server va` client. Kho^ng bie^'t anh na`o hay
> ho+n nhi?.
Theo em thi` Netscape ho+n vi` security cua? SSL Netscape ra la^u ho+n,  
du+o+.c xem xe't ky~ ho+n. Anyway that is a personal choice.

>    SSL co' nghi~a la` ba^'t cu+' mo^.t exchange na`o giu+~a server va`
> client dde^`u bi. encrypted, hay chi? khi na`o server no'i "do it" thi`
> mo+'i trao ddo^?i ma^.t ma~ va` tho^ng tin ma~ ho'a tho^i.
Yeap, SSL  ta.o mo^.t secure channel giu+a~ server va` client 
CHI? SAU khi server noi' va^.y Sau do' mo.i exchange du+o+.c encrypted.

>    Ne^'u lu'c na`o cu~ng ma~ ho'a thi` du`ng yahoo account ma^'y vi.
> gateway hay firewall la`m sao ddo.c ddu+o+.c .
Secure channel la` giu+a~ web brower va` server, no' kho^ng lie^n quan gi`
de^n'  gateway hay firewall (which function in lower layers).

>    Ne^'u kho^ng ma~ thi` du`ng on-line banking cha('c bi. "cho~m" ma^'t
> login ID va` Password tre^n ddu+o+`ng ddi ma^'t.
Du'ng va^.y.  But for SSL (international version 40bits) thi` chi? ne^n
du`ng cho nhu+ng~ tho^ng tin gi` kho^ng quan tro.ng hoa(.c la` se~ tro+?
tha`nh kho^ng quan tro.ng trong mo^.t tho+`i gian nga('n. Ly' do la` SSL
messages look like some random numbers, ra^'t de~ bi. pha't hie^.n.
Hacker co' the^? save the messages va` break chu'ng later. That is
feasible vo+i' 40bits SSL.

Ne^u' ba'c ca^n` the^m info gi` thi` email rie^ng cho em.

Regards
	Kha'nh