Server gated cryptography

From Wikipedia, the free encyclopedia

Server Gated Cryptography (SGC) was created in response to United States federal legislation on the export of strong cryptography in the 1990s.

The legislation had limited encryption to weak algorithms and shorter key lengths if used in software outside of the United States of America.

As the legislation included an exception for financial transactions, SGC was created as an extension to SSL, with SGC certificates only issued to financial organisations.

When an SSL handshake takes place, the software (e.g. a web browser) would list the ciphers that it supports.

Although the weaker exported browsers would only include weaker ciphers in its SSL handshake, the browser did also contain stronger cryptography algorithms.

To comply with the legislation, the browser would only renegotiate the handshake to use the stronger ciphers if the browser detected that the server has an SGC certificate.

This legislation has now been revoked and SGC certificates can now be issued to any organisation.

Internet Explorer used SGC with 40-bit and 128-bit encryption starting with patched versions of Internet Explorer 3, version 4, and version 5+.

[edit] External links

• Thawte's page on Server Gated Cryptography
• Microsoft's page on Server Gated Cryptography
• University of Cambridge page on Server Gated Cryptography

v • d • e Internet Explorer Versions Version 2 · Version 3 · Version 4 · Version 5 · Version 6 · Version 7 · Version 8 Mobile · for Mac · for UNIX Overview History · Removal · Easter eggs · Box model bug · Add-ins · Extensions · Shells Current technologies and related software Trident (MSHTML) · MSXML · RSS Platform · JScript · XMLHttpRequest · ActiveX · Administration Kit · Developer Toolbar · HTA · HTML+TIME · Web Archive (MHTML)  · Favicon · HTML Components · Vector Markup Language (VML) · Integrated Windows Authentication · Temporary Internet Files · Index.dat · Browser Helper Object (BHO) · Web Proxy Autodiscovery Protocol (WPAD) Previous technologies and related software Outlook Express · Internet Mail and News · Comic Chat · NetMeeting · NetShow · DirectX Media · Windows Address Book  · Windows Desktop Update · Active Desktop · Active Channel · Channel Definition Format  · Java Virtual Machine  · Server Gated Cryptography (SGC)  · Smart tags · MSN Explorer · Spyglass · Tasman Events First browser war · United States v. Microsoft · Sun v. Microsoft · Download.ject · Eolas v. Microsoft  · Second browser war Related topics Comparison of Web browsers · Usage share of web browsers · List of web browsers · Browser timeline