iTP Secure WebServer System Administrator's Guide (iTPWebSvr 6.0+)
Configuring for Secure Transport
iTP Secure WebServer System Administrator’s Guide—523346-002
4-6
Support for International 128-Bit SSL Sessions
Using VeriSign’s Global Server ID
Global Server IDs allow you to conduct a variety of secure transactions using 128-bit
SSL encryption. At the time of this publication, such transactions include the following
(for specific and up-to-date information about restrictions regarding Global Server ID
use, see the Verisign web page listed below):
•
Financial institutions can provide secure online banking and other financial
services to their customers inside and outside the United States
•
Companies can communicate with browsers and other clients that support the use
of Global Server IDs inside the United States and Canada
•
Companies can communicate with employees, subsidiaries, partners, and specific
customers outside the United States and Canada who use browsers and other
clients supporting Global Server IDs
Several export versions of browsers are now equipped to enable strong encryption
when they encounter a Global Server ID. For example, the international version of
Netscape Communicator (4.0 and above) supports 128-bit SSL encryption on a
per-session basis when it is used in transactions with an iTP Secure WebServer that
presents a valid Global Server ID. In this case, Netscape Communicator switches from
40-bit to 128-bit SSL encryption for the current transaction with that particular iTP
Secure WebServer.
Because key lengths longer than 40 bits are generally considered to provide strong
encryption (a 128-bit encrypted message is more difficult to break than a 40-bit
message by 309,485,009,821,345,068,724,781,056 times), the Global Server ID
allows your visitors worldwide to conduct secure transactions through your server.
Additionally, the Global Server ID assures your visitors of your site's legitimacy.
At the time of this publication, the browsers and other clients that support the use of
the Global Server ID are as follows:
•
Microsoft Internet Explorer 4.0 or later, or 3.02 or later with a special patch
•
Netscape Navigator 4.0 or later
•
Microsoft Money 98
•
Intuit Quicken
Global Server IDs are available to eligible financial institutions, companies,
organizations, universities, and government agencies in the United States. For specific
and up-to-date information about restrictions regarding Global Server ID use, see the
following Verisign web page:
http://digitalid.verisign.com/server/global/help/miscGlobalFAQ.htm
For Global Server ID enrollment information, go to the following VeriSign web page:
http://digitalid.verisign.com/server/global
To use VeriSign’s Global Server ID with the iTP Secure WebServer, obtain a Global
Server ID for the server and install it just as you would a regular certificate. See Using