About: Server-Gated Cryptography

An Entity of Type: organisation, from Named Graph: http://dbpedia.org, within Data Space: dbpedia.org

Server-Gated Cryptography (SGC), also known as International Step-Up by Netscape, is a defunct mechanism that was used to step up from 40-bit or 56-bit to 128-bit cipher suites with SSL. It was created in response to United States federal legislation on the export of strong cryptography in the 1990s. The legislation had limited encryption to weak algorithms and shorter key lengths in software exported outside of the United States of America. When the legislation added an exception for financial transactions, SGC was created as an extension to SSL with the certificates being restricted to financial organisations. In 1999, this list was expanded to include online merchants, healthcare organizations, and insurance companies. This legislation changed in January 2000, resulting in vendors no lo

Property Value
dbo:abstract
  • Šifrování SGC (Server-Gated Cryptography) je rozšířením protokolu SSL, které bylo vytvořeno kvůli exportnímu omezení vlády USA pro použití silného šifrování mimo území USA. Do roku 2000 proto bylo používáno internetovými prohlížeči slabé šifrování (40/56 bitů). Některé bankovní operace, ale vyžadovaly vyšší úroveň šifrování. Internetové prohlížeče firem Netscape a Microsoft byly ale dodávány se standardně vypnutým silným šifrováním. Omezený počet „schválených“ certifikačních autorit pak byl oprávněn vydávat zvláštní certifikáty pro webové stránky schválených organizací, které mohly v těchto prohlížečích odemknout silné šifrování a umožnit bezpečnou komunikaci pro tyto operace.Od ledna 2000 bylo exportní omezení silného šifrování z velké míry odstraněno a aktuální prohlížeče jsou schopny běžně užívat silné šifrování. SGC certifikáty jsou v současnosti schopny využít silnější šifrování i u starších prohlížečů. Pokud je silné šifrování pro některou aplikaci nutné, je alternativou k používání SGC certifikátů nakonfigurovat webové servery tak, aby odmítly prohlížeče používající slabé šifrování a doporučily jejich aktualizaci. (cs)
  • Server-Gated Cryptography (SGC), also known as International Step-Up by Netscape, is a defunct mechanism that was used to step up from 40-bit or 56-bit to 128-bit cipher suites with SSL. It was created in response to United States federal legislation on the export of strong cryptography in the 1990s. The legislation had limited encryption to weak algorithms and shorter key lengths in software exported outside of the United States of America. When the legislation added an exception for financial transactions, SGC was created as an extension to SSL with the certificates being restricted to financial organisations. In 1999, this list was expanded to include online merchants, healthcare organizations, and insurance companies. This legislation changed in January 2000, resulting in vendors no longer shipping export-grade browsers and SGC certificates becoming available without restriction. Internet Explorer supported SGC starting with patched versions of Internet Explorer 3. SGC became obsolete when Internet Explorer 5.01 SP1 and Internet Explorer 5.5 started supporting strong encryption without the need for a separate high encryption pack (except on Windows 2000, which needs its own high encryption pack that was included in Service Pack 2 and later). "Export-grade" browsers are unusable on the modern Web due to many servers disabling export cipher suites. Additionally, these browsers are incapable of using SHA-2 family signature hash algorithms like SHA-256. Certification authorities are trying to phase out the new issuance of certificates with the older SHA-1 signature hash algorithm. The continuing use of SGC facilitates the use of obsolete, insecure Web browsers with HTTPS. However, while certificates that use the SHA-1 signature hash algorithm remain available, some certificate authorities continue to issue SGC certificates (often charging a premium for them) although they are obsolete. The reason certificate authorities can charge a premium for SGC certificates is that browsers only allowed a limited number of roots to support SGC. When an SSL handshake takes place, the software (e.g. a web browser) would list the ciphers that it supports. Although the weaker exported browsers would only include weaker ciphers in its initial SSL handshake, the browser also contained stronger cryptography algorithms. There are two protocols involved to activate them. Netscape Communicator 4 used International Step-Up, which used the now obsolete insecure renegotiation to change to a stronger cipher suite. Microsoft used SGC, which sends a new Client Hello message listing the stronger cipher suites on the same connection after the certificate is determined to be SGC capable, and also supported Netscape Step-Up for compatibility (though this support in the NT 4.0 SP6 and IE 5.01 version had a bug where changing MAC algorithms during Step-Up did not work properly). (en)
dbo:wikiPageExternalLink
dbo:wikiPageID
  • 10930740 (xsd:integer)
dbo:wikiPageLength
  • 4722 (xsd:nonNegativeInteger)
dbo:wikiPageRevisionID
  • 968644451 (xsd:integer)
dbo:wikiPageWikiLink
dbp:wikiPageUsesTemplate
dcterms:subject
gold:hypernym
rdf:type
rdfs:comment
  • Šifrování SGC (Server-Gated Cryptography) je rozšířením protokolu SSL, které bylo vytvořeno kvůli exportnímu omezení vlády USA pro použití silného šifrování mimo území USA. Do roku 2000 proto bylo používáno internetovými prohlížeči slabé šifrování (40/56 bitů). Některé bankovní operace, ale vyžadovaly vyšší úroveň šifrování. Internetové prohlížeče firem Netscape a Microsoft byly ale dodávány se standardně vypnutým silným šifrováním. Omezený počet „schválených“ certifikačních autorit pak byl oprávněn vydávat zvláštní certifikáty pro webové stránky schválených organizací, které mohly v těchto prohlížečích odemknout silné šifrování a umožnit bezpečnou komunikaci pro tyto operace.Od ledna 2000 bylo exportní omezení silného šifrování z velké míry odstraněno a aktuální prohlížeče jsou schopny bě (cs)
  • Server-Gated Cryptography (SGC), also known as International Step-Up by Netscape, is a defunct mechanism that was used to step up from 40-bit or 56-bit to 128-bit cipher suites with SSL. It was created in response to United States federal legislation on the export of strong cryptography in the 1990s. The legislation had limited encryption to weak algorithms and shorter key lengths in software exported outside of the United States of America. When the legislation added an exception for financial transactions, SGC was created as an extension to SSL with the certificates being restricted to financial organisations. In 1999, this list was expanded to include online merchants, healthcare organizations, and insurance companies. This legislation changed in January 2000, resulting in vendors no lo (en)
rdfs:label
  • Šifrování SGC (cs)
  • Server-Gated Cryptography (en)
owl:sameAs
prov:wasDerivedFrom
foaf:isPrimaryTopicOf
is dbo:wikiPageDisambiguates of
is dbo:wikiPageRedirects of
is dbo:wikiPageWikiLink of
is foaf:primaryTopic of
Powered by OpenLink Virtuoso    This material is Open Knowledge     W3C Semantic Web Technology     This material is Open Knowledge    Valid XHTML + RDFa
This content was extracted from Wikipedia and is licensed under the Creative Commons Attribution-ShareAlike 3.0 Unported License